PNG
�
���
IHDR�������������x����sBIT����|�d��� pHYs�������+������tEXtSoftware�www.inkscape.org<���,tEXtComment�
File Manager
File Manager
Viewing File: certificate.js
// Copyright 2016 Joyent, Inc.
module.exports = Certificate;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var crypto = require('crypto');
var Fingerprint = require('./fingerprint');
var Signature = require('./signature');
var errs = require('./errors');
var util = require('util');
var utils = require('./utils');
var Key = require('./key');
var PrivateKey = require('./private-key');
var Identity = require('./identity');
var formats = {};
formats['openssh'] = require('./formats/openssh-cert');
formats['x509'] = require('./formats/x509');
formats['pem'] = require('./formats/x509-pem');
var CertificateParseError = errs.CertificateParseError;
var InvalidAlgorithmError = errs.InvalidAlgorithmError;
function Certificate(opts) {
assert.object(opts, 'options');
assert.arrayOfObject(opts.subjects, 'options.subjects');
utils.assertCompatible(opts.subjects[0], Identity, [1, 0],
'options.subjects');
utils.assertCompatible(opts.subjectKey, Key, [1, 0],
'options.subjectKey');
utils.assertCompatible(opts.issuer, Identity, [1, 0], 'options.issuer');
if (opts.issuerKey !== undefined) {
utils.assertCompatible(opts.issuerKey, Key, [1, 0],
'options.issuerKey');
}
assert.object(opts.signatures, 'options.signatures');
assert.buffer(opts.serial, 'options.serial');
assert.date(opts.validFrom, 'options.validFrom');
assert.date(opts.validUntil, 'optons.validUntil');
assert.optionalArrayOfString(opts.purposes, 'options.purposes');
this._hashCache = {};
this.subjects = opts.subjects;
this.issuer = opts.issuer;
this.subjectKey = opts.subjectKey;
this.issuerKey = opts.issuerKey;
this.signatures = opts.signatures;
this.serial = opts.serial;
this.validFrom = opts.validFrom;
this.validUntil = opts.validUntil;
this.purposes = opts.purposes;
}
Certificate.formats = formats;
Certificate.prototype.toBuffer = function (format, options) {
if (format === undefined)
format = 'x509';
assert.string(format, 'format');
assert.object(formats[format], 'formats[format]');
assert.optionalObject(options, 'options');
return (formats[format].write(this, options));
};
Certificate.prototype.toString = function (format, options) {
if (format === undefined)
format = 'pem';
return (this.toBuffer(format, options).toString());
};
Certificate.prototype.fingerprint = function (algo) {
if (algo === undefined)
algo = 'sha256';
assert.string(algo, 'algorithm');
var opts = {
type: 'certificate',
hash: this.hash(algo),
algorithm: algo
};
return (new Fingerprint(opts));
};
Certificate.prototype.hash = function (algo) {
assert.string(algo, 'algorithm');
algo = algo.toLowerCase();
if (algs.hashAlgs[algo] === undefined)
throw (new InvalidAlgorithmError(algo));
if (this._hashCache[algo])
return (this._hashCache[algo]);
var hash = crypto.createHash(algo).
update(this.toBuffer('x509')).digest();
this._hashCache[algo] = hash;
return (hash);
};
Certificate.prototype.isExpired = function (when) {
if (when === undefined)
when = new Date();
return (!((when.getTime() >= this.validFrom.getTime()) &&
(when.getTime() < this.validUntil.getTime())));
};
Certificate.prototype.isSignedBy = function (issuerCert) {
utils.assertCompatible(issuerCert, Certificate, [1, 0], 'issuer');
if (!this.issuer.equals(issuerCert.subjects[0]))
return (false);
if (this.issuer.purposes && this.issuer.purposes.length > 0 &&
this.issuer.purposes.indexOf('ca') === -1) {
return (false);
}
return (this.isSignedByKey(issuerCert.subjectKey));
};
Certificate.prototype.getExtension = function (keyOrOid) {
assert.string(keyOrOid, 'keyOrOid');
var ext = this.getExtensions().filter(function (maybeExt) {
if (maybeExt.format === 'x509')
return (maybeExt.oid === keyOrOid);
if (maybeExt.format === 'openssh')
return (maybeExt.name === keyOrOid);
return (false);
})[0];
return (ext);
};
Certificate.prototype.getExtensions = function () {
var exts = [];
var x509 = this.signatures.x509;
if (x509 && x509.extras && x509.extras.exts) {
x509.extras.exts.forEach(function (ext) {
ext.format = 'x509';
exts.push(ext);
});
}
var openssh = this.signatures.openssh;
if (openssh && openssh.exts) {
openssh.exts.forEach(function (ext) {
ext.format = 'openssh';
exts.push(ext);
});
}
return (exts);
};
Certificate.prototype.isSignedByKey = function (issuerKey) {
utils.assertCompatible(issuerKey, Key, [1, 2], 'issuerKey');
if (this.issuerKey !== undefined) {
return (this.issuerKey.
fingerprint('sha512').matches(issuerKey));
}
var fmt = Object.keys(this.signatures)[0];
var valid = formats[fmt].verify(this, issuerKey);
if (valid)
this.issuerKey = issuerKey;
return (valid);
};
Certificate.prototype.signWith = function (key) {
utils.assertCompatible(key, PrivateKey, [1, 2], 'key');
var fmts = Object.keys(formats);
var didOne = false;
for (var i = 0; i < fmts.length; ++i) {
if (fmts[i] !== 'pem') {
var ret = formats[fmts[i]].sign(this, key);
if (ret === true)
didOne = true;
}
}
if (!didOne) {
throw (new Error('Failed to sign the certificate for any ' +
'available certificate formats'));
}
};
Certificate.createSelfSigned = function (subjectOrSubjects, key, options) {
var subjects;
if (Array.isArray(subjectOrSubjects))
subjects = subjectOrSubjects;
else
subjects = [subjectOrSubjects];
assert.arrayOfObject(subjects);
subjects.forEach(function (subject) {
utils.assertCompatible(subject, Identity, [1, 0], 'subject');
});
utils.assertCompatible(key, PrivateKey, [1, 2], 'private key');
assert.optionalObject(options, 'options');
if (options === undefined)
options = {};
assert.optionalObject(options.validFrom, 'options.validFrom');
assert.optionalObject(options.validUntil, 'options.validUntil');
var validFrom = options.validFrom;
var validUntil = options.validUntil;
if (validFrom === undefined)
validFrom = new Date();
if (validUntil === undefined) {
assert.optionalNumber(options.lifetime, 'options.lifetime');
var lifetime = options.lifetime;
if (lifetime === undefined)
lifetime = 10*365*24*3600;
validUntil = new Date();
validUntil.setTime(validUntil.getTime() + lifetime*1000);
}
assert.optionalBuffer(options.serial, 'options.serial');
var serial = options.serial;
if (serial === undefined)
serial = Buffer.from('0000000000000001', 'hex');
var purposes = options.purposes;
if (purposes === undefined)
purposes = [];
if (purposes.indexOf('signature') === -1)
purposes.push('signature');
/* Self-signed certs are always CAs. */
if (purposes.indexOf('ca') === -1)
purposes.push('ca');
if (purposes.indexOf('crl') === -1)
purposes.push('crl');
/*
* If we weren't explicitly given any other purposes, do the sensible
* thing and add some basic ones depending on the subject type.
*/
if (purposes.length <= 3) {
var hostSubjects = subjects.filter(function (subject) {
return (subject.type === 'host');
});
var userSubjects = subjects.filter(function (subject) {
return (subject.type === 'user');
});
if (hostSubjects.length > 0) {
if (purposes.indexOf('serverAuth') === -1)
purposes.push('serverAuth');
}
if (userSubjects.length > 0) {
if (purposes.indexOf('clientAuth') === -1)
purposes.push('clientAuth');
}
if (userSubjects.length > 0 || hostSubjects.length > 0) {
if (purposes.indexOf('keyAgreement') === -1)
purposes.push('keyAgreement');
if (key.type === 'rsa' &&
purposes.indexOf('encryption') === -1)
purposes.push('encryption');
}
}
var cert = new Certificate({
subjects: subjects,
issuer: subjects[0],
subjectKey: key.toPublic(),
issuerKey: key.toPublic(),
signatures: {},
serial: serial,
validFrom: validFrom,
validUntil: validUntil,
purposes: purposes
});
cert.signWith(key);
return (cert);
};
Certificate.create =
function (subjectOrSubjects, key, issuer, issuerKey, options) {
var subjects;
if (Array.isArray(subjectOrSubjects))
subjects = subjectOrSubjects;
else
subjects = [subjectOrSubjects];
assert.arrayOfObject(subjects);
subjects.forEach(function (subject) {
utils.assertCompatible(subject, Identity, [1, 0], 'subject');
});
utils.assertCompatible(key, Key, [1, 0], 'key');
if (PrivateKey.isPrivateKey(key))
key = key.toPublic();
utils.assertCompatible(issuer, Identity, [1, 0], 'issuer');
utils.assertCompatible(issuerKey, PrivateKey, [1, 2], 'issuer key');
assert.optionalObject(options, 'options');
if (options === undefined)
options = {};
assert.optionalObject(options.validFrom, 'options.validFrom');
assert.optionalObject(options.validUntil, 'options.validUntil');
var validFrom = options.validFrom;
var validUntil = options.validUntil;
if (validFrom === undefined)
validFrom = new Date();
if (validUntil === undefined) {
assert.optionalNumber(options.lifetime, 'options.lifetime');
var lifetime = options.lifetime;
if (lifetime === undefined)
lifetime = 10*365*24*3600;
validUntil = new Date();
validUntil.setTime(validUntil.getTime() + lifetime*1000);
}
assert.optionalBuffer(options.serial, 'options.serial');
var serial = options.serial;
if (serial === undefined)
serial = Buffer.from('0000000000000001', 'hex');
var purposes = options.purposes;
if (purposes === undefined)
purposes = [];
if (purposes.indexOf('signature') === -1)
purposes.push('signature');
if (options.ca === true) {
if (purposes.indexOf('ca') === -1)
purposes.push('ca');
if (purposes.indexOf('crl') === -1)
purposes.push('crl');
}
var hostSubjects = subjects.filter(function (subject) {
return (subject.type === 'host');
});
var userSubjects = subjects.filter(function (subject) {
return (subject.type === 'user');
});
if (hostSubjects.length > 0) {
if (purposes.indexOf('serverAuth') === -1)
purposes.push('serverAuth');
}
if (userSubjects.length > 0) {
if (purposes.indexOf('clientAuth') === -1)
purposes.push('clientAuth');
}
if (userSubjects.length > 0 || hostSubjects.length > 0) {
if (purposes.indexOf('keyAgreement') === -1)
purposes.push('keyAgreement');
if (key.type === 'rsa' &&
purposes.indexOf('encryption') === -1)
purposes.push('encryption');
}
var cert = new Certificate({
subjects: subjects,
issuer: issuer,
subjectKey: key,
issuerKey: issuerKey.toPublic(),
signatures: {},
serial: serial,
validFrom: validFrom,
validUntil: validUntil,
purposes: purposes
});
cert.signWith(issuerKey);
return (cert);
};
Certificate.parse = function (data, format, options) {
if (typeof (data) !== 'string')
assert.buffer(data, 'data');
if (format === undefined)
format = 'auto';
assert.string(format, 'format');
if (typeof (options) === 'string')
options = { filename: options };
assert.optionalObject(options, 'options');
if (options === undefined)
options = {};
assert.optionalString(options.filename, 'options.filename');
if (options.filename === undefined)
options.filename = '(unnamed)';
assert.object(formats[format], 'formats[format]');
try {
var k = formats[format].read(data, options);
return (k);
} catch (e) {
throw (new CertificateParseError(options.filename, format, e));
}
};
Certificate.isCertificate = function (obj, ver) {
return (utils.isCompatible(obj, Certificate, ver));
};
/*
* API versions for Certificate:
* [1,0] -- initial ver
* [1,1] -- openssh format now unpacks extensions
*/
Certificate.prototype._sshpkApiVersion = [1, 1];
Certificate._oldVersionDetect = function (obj) {
return ([1, 0]);
};
�b�� �IDATxytVսϓ�22� ��A@�I�R�:hCi�Z[v*E:WũZA ^d�Q�e�Q @ !�jZ'>gsV仿$|?g)&x-E�IENT ;�@x�T.i%-X�}�Sv��S5.r/��UHz^_$-W"�w)Ɗ/�@Z &IoX��P$K}��JzX:;`�� �&, �ŋui,e6mX
�Եr��Kb1ԗ)����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A������݀!I*]R;I2$e�Z#ORZSrr�6mteffu*((Pu'v{����DIߔ4^pIm��'77WEEE�;vƎ�4-����$]'RI{���\I&G� ��:IHJ
�DWBB=\WRm�
��o$K(V�9��ABB.�}jѢv��`^?IOȅ}���ڶmG�}T#FJ`5��6$-���ھ}F�I&v;0(h;��Б����38CӧOWf!;�A
�i:F��_m�9s&�|��q�%=#���wZprrrl��a
�A� &��P\\СC[A#�!� {��olF}
`E2}�MK/v�V��)i�{��4BffV\|ۭX��`�b�@kɶ@��%i$K���z5zhmX���[��IXZ��` 'b%$�r5�M4º��/l
ԃ�ߖ��xhʔ)[@=}
K6IM}^��5k㏷݆z
ΗÿO:gdGBmyT/�@+Vɶ�纽zl.yit뭷zV��0[Y^�>Wsqs}\/�@$(T7f.Inݺi����R$푔n.�~?H))\Z��RW'Mo~v
Ov�6oԃ���xz!��S,&xm/yɞԟ?'ua�S�ѽb,�8GלKboi&3�t7Y,�)JJ�����c[nzӳd�E�&K�sZLӄ��I���?�@���&�%ӟ۶mSMMњ0�iؐSZ,���|J+N
�~�,0A�0!5%Q-�YQQa�3��}$_vVr�f9f?S��8`��z���D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����d�qP,تmMmg��1V?�rSI꒟]u|l
R�CyEf٢9�jURbztѰ!m5~tGj2DhG*{H9)꒟ר3:(+3\?/;TUݭʴ~S6lڧUJ�*�i$d(#=Yݺd{,p|3B))���q:vN0Y.jkק6;Sɶ�VzHJJЀ-utѹսk>QUU�\~]fFnK?�&ߡ�5b=z9)^|u�_k-[��y%ZNU6 7Mi�:]ۦ�tk�[n
�X(e6��Bb."8cۭ|~te��uu�w|ήI-5"~U�k;ZicEm�N/:]M>
��c�Q^uiƞ�??Ң�p�c#��TUU3UakNwA`�:�Y_V-8.KKfRi�tv*
�9S6ֿj,Ճ�NOMߤ]z^fOh|<>�@Å5���_�/Iu?{SY4hK�/2�]�4%it5�q]GGe��2%iR|
�W&�f��*^]??v�q[LgE_3f}Fxu~}qd-ږFxu~I N��>\;͗O֊:̗WJ�@���Bh�W�=y�|GgwܷH_NY�?)�Tdi'?խw�hlmQi� ��!SUUs�w4kӺe�4rfxu�-[nHt�MFj}H_u~w>)oV}(T'ebʒv3_[+vn����@Ȭ\S}ot}w=k�HFnxg�S 0eޢm�~l}u�qZf�F��oZuuEg
�`z�t~?�b;t%�>WTkķh[����2eG8LIWx,�^\thr�l^Ϊ�{�=dž�<}qV@ �⠨W�y^L�F_>0Uk��D�uʫuCs$)I��v�:IK�;��6ֲ4{^6����եm+l��3>݆�uM 9�u�����?>Zc�}g~qhKwڭ�e���FMM~pМuq�ǿz6Tb@8�@Y|jx]�(^]gf}�M"tG
����-w.@�vOqh~/HII�`���S[l.6nØXL9v�U���cOoB\�xo�Ǥ'T&I��Ǎ�Qw_wpv[kmO{w~>#=P1P�ɞa-we:iǏlHo꒟f9SzH?+shk%Fs:����q��VhqY�`jvO'ρ?PyX3lх]˾uV{ݞ]1,MzYNW~̈́�joYn}ȚF߾mS]F� z+EDxm/���d{F�{-W-4wY듏:??_gPf
^3��ecg ���ҵs�8R2מz�@T�A�N�Gj)}CNi/R~}c:5{!�ZHӋӾ�6}T]��G�]7W6^�n
9*,Y�qOZj�:P?Q� D���FL|?-^.Ɵ7��}fFhxe2Ps���cz1�&�5\��cn[=Vn�[ĶE鎀u�ˌd3GII ��k;lNmشOuuRVfBE]ۣ��e���Ӷu�
:X-[(�e�r4~LHi6�:Ѻ@ԅ��r���ST�0�trk%$Č�0���ez"� *�z�"�T/X9|8.C5Feg}�C�Q%͞�ˣJ�v�L/?�����j^��h��&��9xF`њZ�(��&��yF&Iݻf�g�����#W;3^{Wo^4'v������V[[K';+mӍִ]��AC�@��W?1^{එyh�����+^]fm~iԵ]��AB�@WTk̏t�uR?l.OIHiYyԶ]��Aˀ�7c:q}ힽaf6Z~қ�m(+sK4{^6}T�*UUu]�n.:kx{:2 ��_m=�sAߤU@?���Z-Vކе��z왍Nэ{�|5��� pڶn�b
p-@sPg]0G7fy-M{GCF'%{4`���=$-Ge\��eU:m+Zt'W�jO!O�AF�@ik&t݆�ϥ�_
e}=]��"���Wz_.͜E3leW�������Fih|t-wZۍ-uw=6���YN�{6|}��|�*={Ѽn.�S��.�z1z�jۻTH]흾 D�uD�v��mvK�.`���V]yY~sI@t?/ϓ. �����m&[�"��+P?MzovV�ЫG3-�G�RR��[�(!!\_,�^%?v�@���ҵő
m`Y)te�m8GM��x.))A]Y�i`ViW`��?^�~!�S#^+ѽ��GZj?Vģ����0.))AlzL*�]�OXrY���`DBBLOj{-MH'ii-ϰ�o�k7^��
�)쭡��b]UXS�ְmռY|5�*cֽk�0B7镹%ڽP#�8nȎq}mJr23�_>�l�E5$iwui+ ��H~F`�IjƵ�@q
��\�� ��@#qG�0"��.�0"����� l���������`������.�0!����� ,��AQ�HN6�qz�kKJ#�o;`Xv�2>,tێJJ7Z/*�A���.@fفjMzk�g�����@Tv�ZH3Zxu6Ra'%O?/�d���Q�5x�Yk�U]Rֽkق@���Da�S^RS�ּ5�|BeHNN͘p
��H�v���cYcC5:y
#`οb;�z����2��.!kr}gUWkyZn=�f ����P�v��s�n3p~�;4p˚=ē~NmI] ��¾�0lH[_L�hs�h_�ғߤ�c_њe��c)��g�7V�IZ5�yrgk̞W#IjӪv>՞y睝M8[��|�]\շ�8M�6%|@P����ZڨI-m>=k�=��'a�iRo-x�?>Q.����}�`Ȏ:Wsm�u u� ��>
.@,&;�+!!�˱tﭧD����Qw�RW\v�F\~Q7>sp���Yw�$�%A~;~}6���¾�g��&if_��=j,v+U���L�1(tW�a�ke�:�@Ș>j$Gq2t7S?v�L|]u/ .(�0�E��6Mk6hiۺzښOr�ifޱxm/Gx>� �Lal%%~{lBsR4*�}{0Z/�tN�IɚpV�^#�Lf:u@k#RS�u
=S^ZyuR/�.@n&z~B=0eg�뺆#�,Þ[����B�/?H �uUf7y
Wy}Bw�egל`�Wh(||`l`.;Ws�?V@"�c:iɍL֯PGv�6z�ctM̠':wuW��;d=;E�veD}9J�@���B(�0iհ���bvP1{\P&G7DIy�_$-Q��jm~Yrr&]C�Dv%��bh|�Yzni�_���R�;kg}nJOIIw��y�u�L}{ЌNj}:+3Y?:W�J/N+Rzd=hb�;d�j͒suݔ@NKMԄ�jqzC5�@y°h�L�m;*5ezᕏ=ep
�XL�n?מ:r`��۵�tŤZ|1v`V뽧_csج'ߤ%oTuumk%%%h)uy]Nk�[n
�'b2 ��l.=�͜E%�gf$[c;s:�V-͞WߤWh-j7]4��=F-X]>ZLSi[Y*We;�Zan(Ӈ�W|e(HNNP�5[=
r4tP�
�&0<�p�c#�`vTNV
GFqvTi�*�Tyam$ߏWyE*�VJKMTfF�w�����>'�$-ؽ.Ho.8c�"@���D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A~�j*�֘,��N;Pi3599h=g�oض��L��giJ5փy~�}&Zd9�p֚
e:|hL`�`b/d9�p?�fgg+%%hMg�Xosج�, �ΩOl0Zh=x�djL���mhݻ��o��O��[g_l,�8a]٭+ӧ0�$I�]����c]:粹:Teꢢ"5a^Kgh,&�=��=�՟�^߶ߢE�ܹS J}I%:8��
IDAT~,9/ʃ�PW'Mo�}zNƍ쨓zPb��NZ~^z�=4mswg;5 Y�~�SVMR��XUյڱRf?s:w
;�6��H:º���i�5�-maM�&O�3�;�1IKeam��Zh͛7+##v+c� ~u~ca]�GnF'ټL~����PPPbn
v�oC���4R,�ӟgg��%hq}�@#M4IÇ��� �Oy^xM��Zx
) ���yO�w��@HkN˖-Sǎ�mb]X�@�n+i͖��!++K3gd\��$mt$^���Yf��J�\�8PRF��)77Wא!Cl����$i:��@@_o�G��� I{$# ��8磌ŋ9�1A�(�Im7��֭>}ߴJq�7ޗt^� -[ԩSj*�}�%]&'
-��ɓ'ꫯVzzvB#;�a
�7@GxI{�jƌ�.LÇ�WBB7�`O"I$�/@R���@�eee@���۷��>}0���,ɒ2$53Xs|cS~r�pTYYY}� k�Hc��%&k�.], �@��A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A�����D���A������@lT<%''*Lo^={رc5h %$�+CnܸQ3fҥK}vUVVs9G�
R,_{�xˇ�3��o߾;TTTd�}�馛]uuuG~iԩ�@4����bn�vmv�fϞ�/Peeeq}}�z���a
�I~,誫{UWW뮻}_~YƍSMMMYχ��֝waw��\�ď�cxꩧtE�ƍ�կ_?۷5�@u���?�1kNׯWzz/wy>}zj3 k��(ٺu�q_Zvf̘:~��AB�Q&r|��!�%KҥKg�����Ԟ={<_X-z� !�C�yFUUz~��AB�QIIIjݺ�W��$���UXXDٳZ~��AB�Qƍec�W��$<�(~<��RSSvZujjjԧO�ZQu�@4 8m&&&jԩg��$�ď�1h ͟?_{768��@��g
�=�@���`)))5o6m�3����)��ѣƌ�J;wҿUTT��/KZR{��~a=�@��0o<*狔�iFɶ[ˎ�;T]]��OX�@�?K.ۈxN ����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������p����������pP���fl߾]��,{ァk۶mڿo5�����BTӦMӴiӴ|r D����B2e�|An�!D��y'tkΝ[A��� $***t5'
"���!駟�oa�D�����nΝ�:t֭[g�D����ШQ�0����6qD;@���� x M6v�(����Piizm�Z����4e�w��"��@��������̴ixf������[~-F���ٱc�&I�Z����2|n�!�?�$��@{[�HTɏ����#@h�����Ȏ����I�#�_m��(���F��/6Z3�z'\r,�����r!;�w2Z3j=~�G���Y�7"I$i����I.����p_"����?���p�����N`�����y�D���D�����?:��� �_����������������������� �G����ÿa���b7�����J�!���Bx���@0 ���Bo�����
����cG���������@`1C�����[���@0G����
����@`0C�����_���u�����V1 ���aC���X����>���W�` ���|�������`!���<�����S�`"���<�.�����`#���c�����`�?�����c�A����������C���4
?����c���� �p#����~���@0����?:���0���8&����_�M���Q1���J�h#����?���/`���7;����I����������q�7���a�w���Q����A����1�H���p
�!��#�<���8/#��@1Ul7��=S=K.4Z�?�E����_$i�@��������!���1�!E���4�?���`����P_�� ��������@��B���ă�1���0#���:�"����a�U,xb��F�Y1
[n��|��n
���#'��v��EH:`�x��b
��#��v����D��4�Y hi.i&�EΖv#��O�� H��4�IŶ�}:Ik��h��@�tZRF���#�(tXҙ��zZ ?�I3l7��q��@õ|ۍ�1,�G��puY�� �Ꮿ@�hJv#��x��xk$
v#�9��5�}_$��c �S#=+"K�{F�*m7`#�%H:NRS��p6I?sIՖ{A�p$I�$�I:QRv2$Z�@UJ*$]<��F�O4�����IENDB`