From 5dda9f0c2e1990e4a800160531d8a82a4e3074a7 Mon Sep 17 00:00:00 2001
From: Tanya Verma <tverma@cloudflare.com>
Date: Mon, 23 Jan 2023 12:45:30 -0800
Subject: [PATCH] tkn20: change seed size for MAC key from 128->448 bits in
 accordance with BK paper

---
 abe/cpabe/tkn20/internal/tkn/bk.go    |  12 +++++++-----
 abe/cpabe/tkn20/testdata/attributeKey | Bin 2788 -> 2788 bytes
 abe/cpabe/tkn20/testdata/ciphertext   | Bin 2320 -> 2360 bytes
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/abe/cpabe/tkn20/internal/tkn/bk.go b/abe/cpabe/tkn20/internal/tkn/bk.go
index 20604a08..884a7e28 100644
--- a/abe/cpabe/tkn20/internal/tkn/bk.go
+++ b/abe/cpabe/tkn20/internal/tkn/bk.go
@@ -13,6 +13,8 @@ import (
 // https://www.iacr.org/archive/pkc2011/65710074/65710074.pdf that
 // apply the Boneh-Katz transform to Attribute based encryption.
 
+const macKeySeedSize = 56
+
 func blakeEncrypt(key []byte, msg []byte) ([]byte, error) {
 	xof, err := blake2b.NewXOF(blake2b.OutputLengthUnknown, key)
 	if err != nil {
@@ -70,7 +72,7 @@ func DeriveAttributeKeysCCA(rand io.Reader, sp *SecretParams, attrs *Attributes)
 }
 
 func EncryptCCA(rand io.Reader, public *PublicParams, policy *Policy, msg []byte) ([]byte, error) {
-	seed := make([]byte, 16)
+	seed := make([]byte, macKeySeedSize)
 	_, err := rand.Read(seed)
 	if err != nil {
 		return nil, err
@@ -173,12 +175,12 @@ func DecryptCCA(ciphertext []byte, key *AttributesKey) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	if len(decEnv) < 16 {
+	if len(decEnv) < macKeySeedSize {
 		return nil, fmt.Errorf("envelope too short")
 	}
 
-	seed := decEnv[0:16]
-	ptx := make([]byte, len(decEnv)-16)
+	seed := decEnv[0:macKeySeedSize]
+	ptx := make([]byte, len(decEnv)-macKeySeedSize)
 	compID, macKey, err := expandSeed(seed)
 	if err != nil {
 		return nil, err
@@ -194,7 +196,7 @@ func DecryptCCA(ciphertext []byte, key *AttributesKey) ([]byte, error) {
 	idMatch := subtle.ConstantTimeCompare(compID, id)
 	check := tagMatch & idMatch
 	if check == 1 {
-		copy(ptx, decEnv[16:])
+		copy(ptx, decEnv[macKeySeedSize:])
 		return ptx, nil
 	}
 	return nil, fmt.Errorf("failure of decryption")
diff --git a/abe/cpabe/tkn20/testdata/attributeKey b/abe/cpabe/tkn20/testdata/attributeKey
index 4b37c6f0d41b56f4a0079332e180d1505d81d94a..a054c97183dbb9fcfb939fb3972dcd020a88d40f 100644
GIT binary patch
delta 2582
zcmV+x3hDLa7339=qkj+}TSN2}Ot-U3FV7S*KD3<*uW)sUA1;d5#)W(TUHwWxexcp>
z1`v#MIKU$7Rks<bSMc1#lwm1o;g{Mzr4vQ|DL{<{vH?aFe8=|^bV?AcAe^XK&UPh6
z2F_@4Q0xi)L1HUMbi-A61Br8hg-7SdLXyVm7|8IxgIk~qU4JAr!uj;#>T#s6%CtQv
z5axIToAh)`NW|o1{wjVocgQba$At#NS~&o?9bn+EMRmHpU!1qXM{IUEjV`}F#L3eT
zzNa-x`q@_YP(PM0v1FcTZ1A?T%Aw}kd6-^&`)mI{!cUm_HBttuO7K3wB`s_R_IX7^
zJwIY2rjh90<A1jTD`^-G_hf8`Ea}%g5s`=rlOYZ((+sl(IrBe98V5iB5uV31?&k!v
z4-|tdmHgz-GXgRsAQCxjKB(CQ@L>k}$2qCiRI-pCVeSynNOPL03$7N=%OF~n!%0KC
z(m9gY-%$K78c2c7Y15D|_{1I9=dOf7L<ATrS9Xd1=6?a;BLM#keCuG8{oMwB1a69E
zY3u>2q%%N2#pA8z3w^U-rC}b!)%@fd84c&g!IjvOc>#UxW`*xsnL`dk6J8*LBZ+os
zuivx?X)dUiv1*H>`N4hYxU}vwiyG^kJ59K5O%3TP?2>4?%&VJpX<_jZgqEvOi;D#-
zNE=<`mVXK$^v=C@)No(;K>wyB8~j_#DpD7HuU`U5&FOD;(k-o2B0DdtJzNK~Vn8&)
zcq+=<I5_Ad?>GMGpEYgSsM;ow7wUuo1ONd51|lhWi69d_ZdXu}iS(W)${+KxOnVkT
zHslYUB#e&j<OLqDh5Ttvd#2~8<oLWL0!ZwZR)1C}ihA*XHQM1gUPH^G-apML4dM}1
zR`yf|tnK>6`=L7pW<rSDMqXEMHWlAv@RV!+g2nWY*P6zmknjq7&p@z)vgdq9TnVGs
zKpYWJLCxl7pVGRUxo8dM^bvygV`iX`Tcj~}?N1NryUcg+`&s)aYQE0bSXt5qx4+7B
zRDYsg*OCY(B-%#wPzeJTx}#ho<GWUsby3_T$7x&c{qTXgCsow`D%2*z?bjO41D6$Z
z`EN(XZc9GTu(KK32H|Ii{JS@|B<#)`&G8}xzaDQSnWV%l@k1*z>h%YCK4d?yxvggz
zw{H)ICi)AmpE0CY=l&~%`$}N1{S<sao`3q<#DBRCF}N(bVyd|g%J6Dj;4Jc(zi)6J
z!OKG#E-EcIm#`ffT6yf{E#B%96D+|ji+C>o&qC2S2ABCU`O8x3H#rgn7|Z{4W|mh2
z00IC-RfGWq0096H#jcLMl;WWM>}GAST<Y6{Zh{Y2QEe*au@guA{)G2G(WrkHH-FA{
zZiu|JNr=(A0P|K@3|Vu;8uENU^LCG#`|jX^Q%oh&6HCo0!L5H#%~eTFj+Yi_fLYmE
z)J*}M1V~s-<t5N>QjX8{W<zF{KGRK|CLe_P-{LhnPUSJ-eb7Hb7*0ehM}1t!=|R}<
z6}Zl7b#i2#VH|UNzssBM`@__?ZhwM8v;iRCb(V{pT-`*J8>soqs=TUfJ+W?bw-$20
zAeQKcSRLvcWQ%!w697*Dn8V{5%aclZG6kCHMq2tyw<SIG=v@ebbizjn%?MwYKGEXs
zwX0S^WHhK|pHnIu58|Cy)Fb(<+yb@^>FVn&_Soqj9IE&#(R1a{Uk9y3VSl+Lc|{Ki
z9;osSpw4E;mQ_GCll_dg^I5o*0V<^NmiSwd4J}D0y~ed_<+BxjnSnC_5r!y<g2r-l
ze(wQsQsv(=SgBzN!6?ZG75{`L2slcoo!b^2ho(dsQ5y#UV{dhCbaHuw0R#X6022?s
zgcBA+!NPu1PM91sWby!VSbva=kF#S&?@~4)kwOVf4ooH__;Ng!RlHlf&qo1^T+bjz
z_I)1cld<z0{&ZI}3q+}QqOA^A$tq?$tUDaO&#@0|3_089Ay;Q1$FKubN`tXyEHYcH
z2Xl1-#6LSzjv;|Ik8SRRak`Q<Yg_1uF0Iq0*0jlqPNe<B$6y!0@_)<)T%e_+hwU$z
zl7}N-Lzw66hE>cQ!RT{ZJ9J{NbwK{jq{u(K8&7Mn$XQDOFURg&g^P9c=~s3OU8d@k
zgF5D6zPOyBU(MO}p!#K>MC(4Yo`W1O<fWFk8sNGXYfGM5+WuYKQsKvFfKokZzlrxE
z<0@(g`vJP_Mxed(A%CeQa2beXgpw+pcKOZ26_p;Cmk8k;5B4$Noih$RW#P-NhPo1y
zT7!6H4APqX);K1|l<?t|0KdtADdD_n86YUX0;ZKHnK_|1jgB25^{0MBkXW<jy^=&4
z++mfZSr78`BqY?@jz)a5t^b)7Cje<~bY*gGVQej8Z*FC1Et5tG9)Amz)yrq;BjsMk
za}wh+cUu$Zf(DJ;5k4HLFPj7Mp+UC^x_d5?i~MH{D#dNJ;A9XR-I{)DivGWV4E<+7
z^%EKL=DkHy1roV2?c7t{@@~3hC&8*ikgna800`QWc+v?ebXF6r>>1_7V;m0m&Ab7Y
zXJJji^+rp8?@PpkcYn^5zVDsapJTBN+QWuX?t$YKDbs{CSrVKtPxg31$J;I#m&gGU
z53r#DUM<GK10kWDQMynXqU2!tj3*}c1h2mcrjf^c@1+7H_V%elybO0sVz&My{jVho
z!xf!l3Hz&jvsm-hPX8jws9A*UhEy{VFmje#T%P$aAWwi!`hQQv2K^A#J(MF+lZe%w
zs3nNWQY<tyM8+;Ey}-VPkwi120S!P(Rp>gh4m6q3lGg~9W*{$k;U91`*5@oJD1_Si
zk^-e~K-H*C+;Uq98=RtD74!pRvVRP^@go2wDS|hOcGEhpQGDEEfi`n?%HUnZ<~qAD
z^LKXus-z{<t^;h3Q<F0ZF@F(VDwC&AP__EA#GSRpq_xU|Rf^GE5{hJ-!lDRvjuT?T
zwqU`tK;+DSX&7w&6&nDv{W7jNnrP80y+-pRh78s`X+83}ci@pyCiwMPd%{*O+YdfH
zkl85m`mgZLT|^l$(NA0R<*gll7+PQ5G+$rj?D$@PKI`L>1AbU9NPjbip3Sm|gxiu(
zP!X*FVv9Qv`DDgi;5IxzGJf(e;6xEOmV--KIlb{sd5&IjZw#TtdS!^<2=Hu1EB`}E
zv@$vc5_HaM(b{c+{JykEP92(5>r(_kOQSV!Y|j-ysSQfhehOmY#gYqHP&meT;)WLv
zjmSy3gMUe(UOf1Lo`1QIWci$EbhRd{hWEh4?+Lc~r$TcmqhQsJq4~lL7>MC*21JV;
zY_ZOgCSy~e0aQ6=qB~V~uL>`Q$&nY$d6C?-be}G)HB>OC%nijX61Q6{7stUWaQnBy
ssG1o8gY&V!A-bUw9KlC@l*NoQHd{FvtdwLc+|=E<oxCT_tpil@NC=DM$p8QV

delta 2582
zcmV+x3hDLa7339=qkjv}-b-;ilZN^Mo*Tf%lC(*0<-PuGCzls1IPCpb?rZ}5$7fgs
znlB+6Wat#3;I#zhV7slZR|^rD*;Qx0kC)5<m2^9t>u4hB2u7PEq99u@CR6$U>p&O-
zOS$yL+&%?~@fm;lH~FhXg1vUTu648p%ie4Ux(3Gr7Yq%4yMJ=h^OOjA$M?ORj6cUp
zrb7+^CzAUxU#o?cjiKR3+;P5DB68EMtISX_K;2T90x-*=^#<LO>={RAngNqP{u&n-
z$8?=~-IP-FdhDkH{{YoiY6UAy%;9;lc+=?M!F1Z2_0zi*V|8T1%eti^0c*Pz5`*3{
zJ*qKL>(11&SAS;R%l4<Kju~*DOft2j@gY}uUg5a3-uA|{G+yuhkFA+r190p4&b=M+
zuW|}lu|nU&`jSPeo}2B=8>G$YbIj4I8QWUhEB;?0Zh)V`+!aJu6fNY@GS7YK{_cMI
zrxincmpo4MJVZd1>wb9?ngUyqyy^(&rtkpR@o@ce$A7%_d<&yTMsSeMkv<;<8-Ja~
z=+4$0`N|X-QY)2ANADN>8E;+f@LTS#B@poQtQ~?iXAGhRW+fL8#|DFZX>*bL4XCC`
z$+^J*UM_(f#cgU$7YzrH>Ox6#GXb64#zjLD_60JGECbFZ1z(mtSL?_{x(`XkvR@iK
znW-&x^M4*-+Z%;d<d<RSb!wJG@#-VL!=?fqn$9rH6YEj*gDtBy&w2{v>MJEVg-z8>
zKj|UW!OI*r&Z0(Hc*^tmF)Z-V8rOsY1ONd50jBOmb}=`&U<WR+dAjriyM`y?w^6%6
z4G#SSRm<{h$D1XeZ*@>>4wl`XNm2&d4y-!;XMax5b$EbFlOd4Y#uyo7)t%c0Eomn-
z^V*+2VRVyfpmFMo!_q5ltNvA9^%Gi+7PqluDrOYUop=I42}$rf7<p6t`rT#ea_2qW
z<3%6$s{_y&5hp3Ymq}`r5fdR36WKF{+E928>O<KW0GFJ68Di*ri+##M3>i|hLLIVh
z*nen!!2X>2z0&k`BcKhWIO({ozHrATU&hy~^gdH$;LKq+LMQ`a-mJVz_;-1?1E@Pm
zMQauY=3P92-{T13r6GPxTb`?d9%rNR<7cqcr{$9WtbC8Bag!1lXnY;o75q*E>N5Mo
zXP4BAwX6^N<Dvs3=$DzE=uWXaxV|~y8h@|{0(|&otkeftWgdy@Kh<}fjRlK|@fFIc
zpWo5~#u8=m*m6<8MXoiT{_wRMwj?h`K*gT1Ht9_MiUNhMKYc?ly0LM4tf+OEWAowz
z00IC-RfGWq0096FAkC1&r|s1`WfF@PJN2NmQ|~+Pc(LW=Dd<{bQ*y;|{5!8^Tz|jl
zqP4Wm=YA_m6N=F?BmtquO-2`&HXnXgeRCI|7V|{ykI>XCwc`eVOP00*wjATkr>ek%
z#<_@;3QqRYTv}F~o;i?CE>|<;f}YwI%@Q`iz|_MH-)ikQl!7~$r1<E=@lWq`hqSbn
z6zIf5=n$M$lJI!UvwJ6gm-xOjkbgtQDzo^rL$~aE`9|jq0~<s`QrDBF$`vQ%uN9w^
zdXO^xeZy_iE&kWr4in<;nmv7Hg5(swKAUs#@GNcCP2{3W1Fhrd@tFTLa0RNgqN#_#
zKkvXUsPVRoN7?~|7V+5>wM5MzlZq~)<~Bn<PM6fbM9_=vV|X=ePZ(it>VJtt-DXR(
zeK$zqi$kluE<#|cfFhrl_a3yHBRJ(}!&Nd_C3$t6`{HKPy}|~-N-;zCwqYeRpxF!Q
zeRA7i7`?cg1+}!&Bn#+0n-@QGYqJt|oS(lL*riS^pI!$5V{dhCbaHuw0R#X600LDr
z%$O*ga-UC|s&st$9<hUf{eP<}NwgcHm&=^-QZ@EOr8UHrT;sgbOGQ&hodN(SwwNQ<
zYhI0iGW8NON8nwx5$GTZ8gTQloQB$7E{86hPRgwvrO+UFS$wlF*y$7edTfttZY5xU
zyDBLdavU*1lIHL297~BPw}jYZ<^G5t6JrPRFWNUEVIc`81>_NfV1IF(xBwP<V<<Ap
z<Jd~-`8&hFq+5)Yl&cbZK)*{c<7zzYXWpu(`p1D0>j^CpmcD5T?kt~oeVLxcgq|u^
z2imwD7w|hr?!cPk*FP+WvBBn-<`BB!XzVgVmwI*usM~vOJ8>p`1gThxfrgkVB5bJJ
zACO27LV~qNhIhZUwSPP0F~tnSR7(Cx`BU)m6TuT-M|%B_MSNlq!j}L7KW^}0D(YcT
zcvq*SgdRY{wd)kg^9i%sn4(B>&j@of2C719x}P77<7D_kDH`KX!t|;Z+uUcpU?WL@
zeuY}@!BEWpSB*~SeYPzS1cgPBCje<~bY*gGVQej8Z*FC1Et5tG9)APWfy|e9)P*W2
zfz|)zRxtFPrcE2g4~LX(k3^oTm?Qga216@|b9oJ{QE<D}jGqeyHeMj)NlB`3h@-t`
z%Oglgi*VUgquZUa;z`4Jqb4LcB0e}c0DU__BP_0>#7z#zOmH9?66)!JD1=eFIS=uZ
z6<63uT%!yFvh0ScReyfG4gKPBz>fJ*JoT0QJ;f~&GZ)?J*O#);rq`I)T3-NIv1mB5
zJ&oug6+?*Gf>A-V-S4rh9~q3=JjR?d?%TT&;x_Zojgf%-A3gEMSdvv`=(6>YkQrvE
zS3xf^e6s49RLn(6ld&&;`%mZ48b}WnDzg1aHOb|yrW&Efn}3k6b{)BcVatH5qM$0k
zL12K{E03iB%?0DQKlx^Kg4bLC89}J+S0%GSad6bRa?XP0f}pk;s2_<ibQ4ZdzasBE
zqjBs(x`P{7LivErI2`;50!5hkw+SUn_;nEx0}K-JJ;Q6-z%WpzHd_^R+Fr5gl)~9c
z`V*^ky$BA990L_zMUyiLF@Fd8M1gRo36jZ>fzk4Mj$t5~nrTy?S?^KI0r&SA7|u7q
zii%$zDQRDFfIzmOKCTy}l!(iGxg6OPBukBUs-B<o)FE^j3cqwx(U*A-dqIS)WDzHb
z^cOTv%|8an?0g7!<w0YxYc+cBSiKVC-iJi2W=!zlWjgmiJkGJ0<9~@h){G>g6pV;b
zUSb!wBt^v$X9G5Rp7px+8e^C02}covIa!jH<kpA0XNP@{D2aV?A<UTC&qX=s#Kn(%
zzC*$dJowmI8CN*DIQkOfX`lQl4Ch0=3NFtQ^@{lS#x&u8joRMxq56<Q13q?SVaMSP
zWKR0#H1K0x2J}IqAAg}FX_o#^byYCqh4JdehFL`%xB<3G%0pfVc24TAIJJp<6T5x2
zEOS^kbA^iN_f6B6(~P$|-{GWSjt^?UmfrETPK`RBpahGy=?Hj@u6@A$150Fm-uiwS
sgB0t!Hn=c8*X7G3>^8>!K}v2e(vw5to|0baR4GkYw|jhXngcYH$g;2bxc~qF

diff --git a/abe/cpabe/tkn20/testdata/ciphertext b/abe/cpabe/tkn20/testdata/ciphertext
index a7404fe134bc95f1c8a96de2205ee1a2f008af71..5b679c86cba0312883caaec281266857b098bb57 100644
GIT binary patch
delta 2322
zcmV+t3GMcf61Wm0AOIKBGm+Dfa_9Nbrt(d!&=De%`);^t*t@K7i;nZvypHmbBS3!?
z0Z1Gb+@vuH_x;MZ-(&sN{f_84!x-CdA&CblJV(MrQKl*?F;XW?HcNJCOq6R0cDkhr
zI@>Cf#6@=~T_++5WVzJEy|L2GJqj=|4Bx-WUHS1iHk@<|5CR>?kwR_=X5!)ayY?Bg
zH?dU?r(8c$YNEJ~A*Lvhrc4NyARK?<*_+JXjp@%K>D>_dBIl$e817Ut<D&?+7UW8F
zP}`{yFV8_B%%x_7vy$<;1fZ>9@2{5SHr4ZwW&a&HO^=PI6GUY8z6~Ne+6G0K^C}^w
zT6%`7XjZ$H`!1b7o2kHczEJw7H?8A*+7hC8>-%kj1~0>7qP9yy*y&(n;pTs_mE41Q
zqUJg(t~BDBSbn$u`AL(gp0=MzhD12jpIN56^$jxqQ(*|Wr<GX%<-dxO%0xH0bP<7^
zM*8zJK-f;>#t+?)GQsbu9=Z*8fohPC!~yBq?PFz5>RwlMb8DEb?AJ_ic6*}BfXVBw
zgD4f!LYPC96yRwWdG>p{zPo=f#`Xp107(V?B_-k9WK87_x#Z`4`2%IdZMyoS*zDPs
z$>ao8l>Llr)9Fr!_2;J_s<8(qu%gO^tRICsDoCW<ApH`iieuG~cI0?u_N<p%Wyiey
zu5j%LA_RdqdaDk628#!+$Sk==h$`c$1x%SdFw)1GO@aW~YUg7&e?ouG?;PbrgBgfa
zb<8XD;LZ%`(Ox_RWu>gvzMvc@kz==OHa>MhG1OgX>aAoQbH45kVWJSTQns~Nd$(rw
z%pzQ^KN5rkFyQNoUOcId9426oVvPh<x<*UpknhPvEYunlUkY`ltK`qnbjw(f*UUSB
zn5xnTyi(vsqBzZ7xeI^7;dKNT6k?y~JEzaAafj*Z8{u3f*67@pK3u5;7)hK}sG%ly
z0m0A&gz$ZoDA}-LsvHRojbWy(F3<sT0+>Mx-UVNlh|$-t;)!;#ivUl65`3_d5DUp^
z3(%#e^A0OgqC1)K$XWZ=#j}VpGepNBo#L4%BF!i5*2a7KU$=jqBe?z3P5}S}0|Wp8
z00=gXTQH{t+Ttz-)!<!B6`x0r*Ahbr-Sn3*Z{UIjQPef6V~&M;*?Ul-8;`My3>GrV
zTI4m9PNh3uM$$Je_0x%MX>9r}&+bxc&?qPOvmVDPOHNJdio>@VsZ-jzhY!KMqcT2G
zbo7CR5=E{r9YcRymMqx1KjjaVKD_aHfc4x9SthV8tKjjH>uQiEz-kOO95D|9E#C6W
z35yE!BKcDdNoRyjeIN(*<F%au0@g$9QBB?Gn}wB>UgmhzXhjasC6r$<_0S=G&uEu3
zE`~kpDJpJazFOiR!s(y2Nb7#;=TM%^y^-%{3A#TuyI+3*>SdGtg3~}E^{N&d<tf{(
z=GucJG;Q*Xx0F@wRWbL&Ok_yQ5a0Ao=GU<x^oxcQ)c{B^OU~!I7k`D8MuYjd;0gOq
z$?C=;U3ilboZ>DOFBTkp`z;_KK*YR>UgLKdPUFV?&of0^k6vS3eg%u94PE;u?%D2g
zqMGkn<-mW<dWE}C+laVdNa{=p%8^2<69CU+OtE&fA5pP3A!yAPSBmx%5-H4&N-UFB
zU}}o1k>v9Eh7I5T!6*Stq<*Ll7vP#i5@@`4H19TEppt$C##JBBUcZNqw@-RUj=Y@b
z)ZK{L)aUU%^s(pM-#s}R82@dwftFRUeO<B(RSbWLK9H@))#EwYiA`{nm0xw@`!VEj
z4L1k6=>-k=Q620z90E(4ettR$NSANhVLJg_g(@$HXgb}R1U&&(!&#tI{>LZBhG9IX
zq|nyCtMm((?-7ddZDM{Fr*-F8(9{tqi;xLg^^r@$dB9!QgHXJYG*Li0u13L@#|vtC
z6^VZg?l=TALQPil9CHoH>YJ!bOZi6Ff0(e=GxVbR6s>+K_ILADN*PQ*bf!Nf()+&1
zj+6#rd54HSd>nq^l`YxOy!3&J#4m6{ozN6xO>BA=zUiT&t|B6MuKDpcooRtS?9&+Z
zPr2l6bsN#!D-Jd@BquE)Z1nww_4bn_cea0WL=e?f@w`s!9nVRLu!c&Hoc7ZK03-ne
z0096FF?=v+H0|ZG&f1NE^8g~u$m0<;WmjZ`H#6#SP;{6ofz8z|X%eFq`O*@0xO+ze
zCD%g@vdpkFJPwg2Z~%~u+R8b)5@nWInWUs5d4&Jkeb0oPOiZR)A;H=A&*Uo>D(inx
z;>W?iNkYET$)d<h1I%tW*m0vd^GW}YTak0dI?iJP3>XD$;S0XvHe^Xm1`H~W>9wXB
zSVY$rr_PntzGl1-OD~_Z8b8p;ii~ai?j=@0b_Ww+I$tfx3twI95X&dV2f9QwP7o5e
zM?*I%4Bng7dLFRxLA5m~qYk$G2yK57;8?GaD1I@KQvY!{Dhj{USqXsOSq4}JQOQew
zGv07_$UmSYzb<&P{=da{q8yPtcr(<s|M$#=GVZg<jwAsC0096EgW0q8cH_GUzz|<6
zM7c-kAo*`@%2$lPo92KP^B-Vy2j_N@<)Y-_DbR9tk=yqK#m7}04iPR;#AtteS}y}I
zvTNNue26Ai1aiwX`xGdUHJ`uXuDbW=wm^tG_>B&;5Y}WD*}IqfwJ7^E!-g2+5vntU
zZ6NEEPqDlc`g1r}-5s~)rv<j-B@@?3-k#4z2|mZ+tmVOiwDxQ)JKhOTx}fa5)dde%
z!i_-C{TGFWWh4jrdJU`^Qt*FzOqS8|DF<?nfFw0M;cQ|v3F{?vE2);4_?7mD=;W;+
z*l>BS<#D8;h_v<c$Rfl%Na%@;4HzmOIl_dAItA+R)7N9reetV}&!M|qJcA8q;J#&G
z#Ia}c*hB<#yBxW@9SxY>5&!@I09ODp6~+<_?W`u8YWw<x<jo{AN1kRT@%0-CRLipL
zl@jwPbP~_HVt&p14G1T>c7IW8Vu{Jv;p>0n%ll$QWrp1`M89s1*lrCltwr4f?Zth3
sKRJ)jVHRZ|087_CiEA#;VeFT`2!F{q{rEe+%d@tkhdxszL%|IEhxG4#I{*Lx

delta 2282
zcmV<G2o?9Z5|9!jAOJ%xGM0HDrdrys4_8)GV0Ny#1sM;%<d6R(?++4=LVU`RBS3!;
zKR-ZR0H+OjiS4XrPsbtq_?%zziuFQ?PFM23m(1mPjgIw6u#~-i1*%JP`Rtev7EX#7
z2t=hf%P*G%uDT`W{C+k>eilZzbksD(P?PqH0O4u3MDx>h;65iK_qn72)cbmR_cI5r
zP+|8m{Ac67*WVTM_RvA5WJGy(yvl#*`I@-os;~x2Jg{08ES_+K6tf!4z3VtlP`XZE
zOwXlusVG74^72CrbQ8m`R(y)$J=yaE12JB`2HD-WV^@ge3ve9a&hd+GJ1$cyd$?j2
z&BAzfKBcTQ4Fj;(-6ki63;H!ha*v(J(If81IS31573-zC%CyL9gqKG}`!#>?Z>=X0
zwPe3o`jRmCkU0EPlXxm_D7nqoO!RoctiwKl@ec#YFh5FV@<Xfi=D}@3pxo!!(E)xL
zc48K=;ICCJ=sWIrSk{BP_9r{5K3DEsW&mZ9wby=`_D%xfKCXI(@?f0NF7d>bSFr;r
zL0qe#vCnC7yBXyAVTpv=&pdxCk%tC51uGSo-Xpsrfb|GzP(fE3P8}3{5`9<hJF5<B
z(3Hk^F~vslPTK48J2X#92cik@dr!CiGH^8qrul`W^G6~DZXi|y{;hmsiD*%x%vy-a
z>fFG(j{ccNcC;M+659+K1we;;LRA2yHuY1W=uG!Iz$_J0q?7>G8_9p*@7@Ve#B`20
z!r)Bc8-$R}SP`)UtyZU(ko6Slh-0<4geJm=<oK)SieL;JFM{x|#1y2h2^E%{VG#m_
z@TczL22-H|TiN&usmWiKkxju|UNt(&Zf49RdYp6}Xne?$w_^2pOrJC;Xnrw%N|V{k
zzUI9K@%mYUAEx6+b9R4iUx^HXk)j|)8`pr)1R~TG$WRi&JHH<yE&b8pUe2P!_iX0f
z7(?{12$0?<TQc@w_S&S(r0JTU9RJ>4jStkl-i9nJ-b-%czKHig*Ew-vti(Ft3lshH
znzezFq}@BynRL8Z)~g5r1a&0}pzt5v%uphVy1QDB01znR`}TiO+G$wpg8={p0|Wp8
z01)DuEH8g3>eK_k;TKDO#UYe&D6qis%tCD!37u7!YP&(0U?bHefQAxeso{f>&Jk-e
z&Q<Su86B6bf<nm2>Gx}hdxD!ayok{v0fiEo#7rG1qR04O)hr<|!P9EYhzAdk?+(e3
zV%WnR^YY%2=|6vmwUpl*H)nJ5HcRQ?ONKSd&L7+lHQ*sHTkH65UTy(`>b_?V>xlp<
z({7h!u3ZbprXW9F{D&JTg@WItT{|W(0L=VmO7#?~r96i8tIiYmx$m<Qfb^no<(|&a
z>w)v;$;8p6thos{J`iNmURPr`Z7I_^BkpjyB4FZZ?!kW*80f~ZTmCj0U`-Y>ZXJ}H
zsE>Lc49dh_ZCr``d~13{Z_xqnqJ5-tm{MGE1&+`Xi1-5ia3Icvj6s_!dZ$3aCc4=x
z1v#V0<F#nj$pCWFK|anEdSRkSb0=3xp+x=-n$-D+^$yzo{0We=Fh_NrgxaiSSCM@i
zD+C{s1?_*O0$GXA{hk(;`T!?iRwS^K05Fblc=qS}%ZJ(C1~X@qAfdb%8KiHL{g(s$
zm+ff_D$ut9=p{q*Q{-o1x^4CJ6*D{WUuLr-QQ#~6?;;;tQrFYPKbykUcn^8x6f-GM
zq{Ca=35gZCHcw5qqhryB1IV{(##x^t?j0d@-VJ}lPwxXzc7dljYCw@-PKca3^0>Jd
zj&|}lMSFSQDL5P01OzDfr4@Af8VUZ+2%r_T?9)CGrN;=RLH)q7o3#ilkUVuVDceXz
zi&Re?jVs>gv=vR@pN(jWsj;6}aFGJEiDsSX%5}qG5N8!P#L>dQ!GOA5jiOQsjfVep
zaiM=b*H8x^*`<L$!m8^nXL_ive;SrF<?Ygziv+0<E1)DWB-9}xj`i?D>{lA~0&{rJ
z()|c4_b}3@1N#FTB3;_t@aPP{!V;KgdC@m5hc$?D+95A`c?0Bd3<p5WsZUL&djt{g
zzuXCq*)ZU?u+ywjV_1X&r?J9nY2HgsPN9GP(L!$;LfnIDYsVZ*^wRE61aiv)03-ne
z0096Dt&dyjF8W=w-UT-EzSIsIKCtya+MU;G^g?C*X~ig^mB6`u#YF%0@6{F&57+4g
zY98r7t*k;@6TS^lV$BL<SR@k$UV}D}l}!XZrP`x;Lb{RZvwY9oZe?Yh`JVO{PzryQ
zTBpy!utkM7emr>h>EIfh38C#-e5*{LyIR}u67>it<>>Z5`$%k*AEvrq3N<j4a7uOX
zC`oXf#3|igbC!;xCbtE7I&P-pXyWcLE9YH&qNBm<dKW#C%(i=R4}{{P_=)P9nWNWM
zkb}471YvQe!*=>Do9o@Ica6&lfD3<}&uH9#Xja2Io}=SwoC*{^?t!&LMiS*Q4eDcy
z>5PS<{MT(9JdY9Na~ni=4V{?B_IOm9yCx8kU`4nja3lc(0096QPeMVh_f6G_DPLJr
zOCy3YQ@amNkX9@VC9~3>c><RVVd*X{ANHRNju-rb`dPdbPiGprDc>pBJIa3zjGW;p
zc$_QR?2%85Ri%{mv+oeC(P;3OfgQcrgBNxSAh1qW46klCNFq>g&@!-^ywfaU%t%6m
zBm>?cP*bMgLwAaVyuIC7-n=WLUTh=0-1*<_3lJ7L-oRa5r>W7=wJIsRqXXY^h_h~5
zw~$EJ5Q+NV`fR3nCKnpT3nPD>gEw#ojs-I{1Al;2-EJ-^kXSuCFuDy#R2h{AUCBnF
zp+^$JRqtcPVXV`OBap)hH?hc`V+X4#y}rgXJlaVnsNs@Tbjt9Ga9c<W6pYd79KPsR
zvHfRU`WVN^ldk?vGglvfyZ`_I051S<C|!*cEq2^M&enzT39=jI(+EC>zJo@CnrUF9
z-g}HZ1R2I<=*q`;RhEasBfhdA01=>xi*|IkkLCU)6@f2JEP!Z^0(z+RnGidcztm|@
ETrdb+asU7T