From b2fa2fd7a15acd32d8f395817f417d3e04cf7360 Mon Sep 17 00:00:00 2001
From: Gerson Felipe Schwinn <gerson@onehost.com.br>
Date: Fri, 7 Jun 2024 14:09:36 -0300
Subject: [PATCH] =?UTF-8?q?Incluindo=20manual=20para=20cria=C3=A7=C3=A3o?=
 =?UTF-8?q?=20de=20certificados=20auto=20assinados=20de=20teste?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Também incluí certificados de teste.
closes #1055
---
 .../GerarCertificadoAutoAssinadoParaTestes.md |  90 ++++++++++++++++++
 phpunit.xml.dist                              |   2 +-
 tests/CertificateTest.php                     |  25 +++++
 tests/bootstrap.php                           |   4 +
 tests/constantes.php                          |   3 +
 ...t_cnpj_06157250000116_senha_minhasenha.pfx | Bin 0 -> 4051 bytes
 .../certs/cert_cpf_90483926086_minhasenha.pfx | Bin 0 -> 3875 bytes
 7 files changed, 123 insertions(+), 1 deletion(-)
 create mode 100644 docs/GerarCertificadoAutoAssinadoParaTestes.md
 create mode 100644 tests/CertificateTest.php
 create mode 100644 tests/bootstrap.php
 create mode 100644 tests/constantes.php
 create mode 100644 tests/fixtures/certs/cert_cnpj_06157250000116_senha_minhasenha.pfx
 create mode 100644 tests/fixtures/certs/cert_cpf_90483926086_minhasenha.pfx

diff --git a/docs/GerarCertificadoAutoAssinadoParaTestes.md b/docs/GerarCertificadoAutoAssinadoParaTestes.md
new file mode 100644
index 00000000..43d8c449
--- /dev/null
+++ b/docs/GerarCertificadoAutoAssinadoParaTestes.md
@@ -0,0 +1,90 @@
+# Gerar Certificado auto assinado
+
+## Para um CNPJ
+1 - Gerar chave privada:
+```
+openssl genpkey -algorithm RSA -out private.key -pkeyopt rsa_keygen_bits:2048
+```
+
+2 - Crie o arquivo de configuração openssl.cnf:
+
+```
+[ req ]
+distinguished_name = req_distinguished_name
+x509_extensions = v3_ca
+req_extensions = v3_req
+
+[ req_distinguished_name ]
+C = BR
+ST = São Paulo
+L = São Paulo
+O = Sua Empresa
+OU = Unidade de TI
+CN = 05.730.928/0001-45
+emailAddress = email@suaempresa.com.br
+
+[ v3_ca ]
+subjectAltName = @alt_names
+basicConstraints = CA:TRUE
+keyUsage = keyCertSign, cRLSign
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+2.16.76.1.3.3 = ASN1:UTF8String:05730928000145
+
+[ alt_names ]
+email = email@suaempresa.com.br
+```
+
+3 - Gere o certificado autoassinado:
+
+```bash
+openssl req -new -x509 -days 3650 -key private.key -out certificate.crt -config openssl.cnf -extensions v3_req
+```
+
+4 - Converta para o formato PFX:
+
+```bash
+openssl pkcs12 -export -out certificate.pfx -inkey private.key -in certificate.crt -certfile certificate.crt -passout pass:minhasenha
+```
+
+
+## Para um CPF
+
+Mesmos passos anteriores, exeto o arquivo openssl.cnf será esse abaixo.
+Note que o oid 2.16.76.1.3.1 é composto por uma data de nascimento seguido do CPF.
+2.16.76.1.3.1 = ASN1:UTF8String:ddddddddccccccccccc
+Onde d é data de nascimento e c é o cpf somente números.
+
+```
+[ req ]
+distinguished_name = req_distinguished_name
+x509_extensions = v3_ca
+req_extensions = v3_req
+
+[ req_distinguished_name ]
+C = BR
+ST = São Paulo
+L = São Paulo
+O = SpedNfe
+OU = Unidade de TI
+CN = 904.839.260-86
+emailAddress = email@suaempresa.com.br
+
+[ v3_ca ]
+subjectAltName = @alt_names
+basicConstraints = CA:TRUE
+keyUsage = keyCertSign, cRLSign
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+2.16.76.1.3.1 = ASN1:UTF8String:1210198506157250000116
+
+[ alt_names ]
+email = email@suaempresa.com.br
+
+```
diff --git a/phpunit.xml.dist b/phpunit.xml.dist
index bc4d4807..552bb022 100755
--- a/phpunit.xml.dist
+++ b/phpunit.xml.dist
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
-         bootstrap="vendor/autoload.php"
+         bootstrap="tests/bootstrap.php"
          backupGlobals="false"
          backupStaticAttributes="false"
          colors="true"
diff --git a/tests/CertificateTest.php b/tests/CertificateTest.php
new file mode 100644
index 00000000..af897969
--- /dev/null
+++ b/tests/CertificateTest.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace NFePHP\NFe\Tests;
+
+use NFePHP\Common\Certificate;
+use PHPUnit\Framework\TestCase;
+
+class CertificateTest extends TestCase
+{
+    public function test_certificado_pj(): void
+    {
+        $conteudo = file_get_contents(TESTS_FIXTURES  . '/certs/cert_cnpj_06157250000116_senha_minhasenha.pfx');
+        $certificado = Certificate::readPfx($conteudo, 'minhasenha');
+        $this->assertSame('06157250000116', $certificado->getCnpj());
+        $this->assertSame('05/06/2034', $certificado->getValidTo()->format('d/m/Y'));
+    }
+
+    public function test_certificado_pf(): void
+    {
+        $conteudo = file_get_contents(TESTS_FIXTURES  . '/certs/cert_cpf_90483926086_minhasenha.pfx');
+        $certificado = Certificate::readPfx($conteudo, 'minhasenha');
+        $this->assertSame('90483926086', $certificado->getCpf());
+        $this->assertSame('03/06/2034', $certificado->getValidTo()->format('d/m/Y'));
+    }
+}
diff --git a/tests/bootstrap.php b/tests/bootstrap.php
new file mode 100644
index 00000000..eb04cdc6
--- /dev/null
+++ b/tests/bootstrap.php
@@ -0,0 +1,4 @@
+<?php
+
+include dirname(__DIR__) . '/vendor/autoload.php';
+include __DIR__ . '/constantes.php';
diff --git a/tests/constantes.php b/tests/constantes.php
new file mode 100644
index 00000000..7caeba63
--- /dev/null
+++ b/tests/constantes.php
@@ -0,0 +1,3 @@
+<?php
+
+define('TESTS_FIXTURES', __DIR__ . '/fixtures');
diff --git a/tests/fixtures/certs/cert_cnpj_06157250000116_senha_minhasenha.pfx b/tests/fixtures/certs/cert_cnpj_06157250000116_senha_minhasenha.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..869d2e1a483d8ea7db116a8c98b288b2dc0f033d
GIT binary patch
literal 4051
zcmai%S2P?7_r(pPj862?g6O@B-nq(XVHkCkt42u-5<QGEM2!+9M2`}pCPeSOmuS%?
zh#&-`WX6|o{r~IU$M4~+v-aK(=WVaw5l2x?;R6W7QB*NRAi-GOSPTV#7*L3!dJ05Q
zA^+Gu;waF{zY$R(3N-e|8o~$Q{aM}rCIE5!e*__gxT(0rzmi;>2S~j=G4fuojP6#b
zS(kA}!>Ixvp9D{woQUNAuHu6T@x<APKn}6G02cxvKoCgX;1evTtLUSX4E`1j8^U-*
zpg<;rO>H8%hB&cePMo>piE1<7smLY>*;ijm^=0p|iq?`Au8*~$-O&~-YoFNi-qkU&
zgulA-PDR@S$tyXomMgQUlQeiBq1HHcqh{KjMOR|9E103pT)m)d7A@5?zs#l_@3_9I
zPyYo<Pud=3ou(oDa`3^tP_gdIO|_4ZYd1A!Y!}x}i@-3tWcQjU^r<J%L6jw7A_Cr0
zFH|qwo5mXvJnr6~-Auj6dS9*q%+?hrsjfnrs3K>;SBrrcnjQihkS9!4fqvr*1I;q2
zv~^F<NBPR+BqmFoN{8)(FM{stUHC=lKLJm9kl`I(P2BKPB3h@fxKGDt7wkb^eb}V<
zpmOw0P^-1BzgRg-p01^Z+@k(k_#h#@st6PLnM==c$H1eb7Xh8ssPb%)#NG!mGROn@
z5BTTB!i9)Cmng58%H61=E}ExRf~iY-@wGVaUxF-X!!*vab-U=wPls^jhD<de(U>yE
z<b8dBR;sElg)MGNRcgnyJOo3;J1Om4ISjX@S?3$l=Vd52qEAmYte-ZY`H+po3h_nE
zR}QzmS!Wr{uDY$4*Oc9f1o57O^axm@zSj^iUxR`i3SrTFnKLa>*KyWtRy@eqpM3IH
z3u*fNTnti4xa^!edsjE0bMk<?+kVuUS<rdG;1A#pMYBhe2958!sd7~<9rXi2ZsQTG
zk9?4Cmg;6m@pFeh8O+=o(+NR)p!O-@zQ20KnV*?CuhO9ar+-1ksK?Y_pUv_7PPJXd
ziapP*h^|o-Qz0P}&i>4Z_i1FWE;~;eB)2WwVl_SKp|i>MH9!5yN0kh2{ZXSIE3R=m
zjy_wDI7907e)MBz6sVz25psc!FWa{ZvI7&?o%xE=Gepr`XNJfugQedad#<=p{y?*c
zWF>(it7H<w3x^vOzvRXrw3}$d_L@4a8a{^Jm1T^O#P;*~aM~i193wboh5~7HCVNr3
zbA}tSw2nBgGexkVOv<*a(go7yaihaa+^w^vZq1xoog&5V?fONPw2rHiFy)aRe%(#S
zF%l|6X^3EF^S^W^7L3dnkryIGAs81m=cwdT2#gyLNict1m4N$Ujr?(o<-lgyy8>lJ
zh190)ts80f64~#XQ<f2bKaX+l!OKacMjJuL4qYKt{&bQ8!pmJRY5IRCMig`i%zI9+
z_<_z_Fy2~$kxZfC{6ufv1>Ba@3*OCBJEq^(M^e;ko&`Ko^{1xLT4Jut`l>}{bP7Y}
zMvJB9KK7<K`u5TwVN_WwtL`rEGi@n-n;V+lq2GGMaBWLyDwiy2<NApVgCdw$a>e9r
z)M)Br#h!YzPKi&8D7AscM}h$DMlI3-qFS|E*PE^jty%-vIAY}H2~9i2=M*0QOL<wk
zatu1dD%34}^X5?mSti)4e&DI2p{&wj+Lmm(<O|ek^=ZD~g^?}g$$my&K=95vmpL6V
zTbwF}WB4XFHF94jq1O(jxZK?R+52j0QjgYgX;GUA!)7$V6W0D3cbL3nP_}}cYSKnc
zN$BeV*{@*XZ#2qg@9H!L(S7Z5K$KmfzXC&!Z85KIiK|s?eSt>gLdm=R%7|+gvk`?X
z>%Tkw=>oU5sL4iKcYw4Z-c{pJvPrA+;z{!`@0;(MBY@&7wsu`F<yf{u-%`}1Nky{A
zFSyTC*b>w;WYE}ZCaa1xk{V~yM=A3PJvcMwn&vHvIQCI5D*AwE{m|j~WY+>6T!Z0)
z&mFM7w3w`KJPTfLT4i#kSkK#}A05`mIB+~xnjBx^69yrDb|XxKXLoJhA<C5?9i>TL
z8nBAZJ|2DJX6ALY<L^}`<lg;@l222i#n#OZW=ZuyM;yc30T&Fu-&esBjk$IWggd__
z?{^c2Wre|4a!WzMe+zf0r1a0g>55jK`fX3X_iF2HN>yoh&GLPSgKMCNfR6i|W@ZG~
z$IF=-tX#hi0-f=}WrL*yJy-KDeoItxgGu&;G4el4u1-V#y2oE~8bo{!IOuI?NyXpD
z=|7s6FjadytXoO1N-hh~iNgjg@vBRR?bWtZ>6Q8-IuSHP5bYpLPD^202yCM@4F@Tt
znBh;1Z)3q^V2tx=7T(1EXuPYL?wIc(L<r3Y;+QO-8w@CF-`cydMG$G{-g>cPh{uJ=
zCJ)Hk-lRh#qU8aG1NUrF>gL3`e(%ig27GArYl>vi*9>5Rxkzia6FqA#K`gLKrX{`Y
zKlqF$M5OL%<n`DDsl$!S#RctG8k23!?3VX<Ncd~R$Ub~kcG5U&fTTx%=8$Q>3oBp}
zQ_U26W;vnAM!hoPB*&zYu@A_1V7BOt*ly9py3Be+c`Df=A$8SkV%qMoB3dSvD5q*>
zxdOBMNvXdMbHBevd&DGz(@yKWW@On!F~V2PHmmmd-uzH`tAkbLE{?hF@TT`QSyX81
z<AV;l#Rga)&ze{MBggYdiM^?~R-+R;+|vtt=EG%<i)O5D#*j*&q1B@293)j<D)`{%
z=EG@53C*3aN0=C$%9epLt(;K9pdyXY-eW30@?%SBVk32MjX_h<6Ozgxpjy%AhRlY>
zC;4(4VtIkpV1(Q2Xj#5`7l0Ew_F>sH6@F<)ep=xKgwMqL)ehNrVHD(Of#bMjZowbN
zjh@MV;NXTI>1kcgkt2z_(|b=yub;>b(F_L9d*ubi?`J?|#4EV_g=*YDFz|S7#syE#
zz5IHqUOH^%Dtw5IK0B@)KdeZ>bmmr}uGQpPB!kf&S$L$MJuC^kb>*653r3vL=uBs!
zAQOeJ&uKe{T2$p}wY{wsI%w{7P(M6`e;Lf`II+yfB@@sQ%&5XERd$|Dx=_G}zfirt
zp|U3t*qE89Y#fRIxe&LVl*}X=Gr3yG4x{hEzaZw?UJ;uqYJyscz=dIGAbSR1(tgT7
zPOM1LnhL#t##xM!k?CW2ocx&VqL(FmUd!s}ED~>8Hk(-`*k=_Fi6d_q+1!xg(OlYC
zF3+U1afy*@pY^t61b#PxBU0{rQt4`UI$s>hB)!NZ;XkGJP<R@y|LwB9Gs;FPMYbOu
zZxDI+B^-HAkG{n|6X3GnJ_m&*u&r_p{Q5vFu+6NYkU|-<^sud`1LQMyUappI6XbmG
zM*poun5jMX>yXVx1}D|M){ePR!8!%AW#^=06+3q+IO=zF_gmRl;wZwze>m;G;71q+
zL=gu4u><~$FA>@QGa)%C0RK-Y|HqX1U!b?ctUw-8y1*QY?Q@vjWn%oFpeHmkq4(u>
zSNO@&@-}YwOb3VpPN(}K(NQ7#Cg1Akla9^BD4L&HVMn@zdaTC!g(ogN@B4nQg3S#v
z3hoxa=3V4y<(YJ6m^G;KE}E<59HHM%rntfy12)fe!{>?Dyo9W!YXJ;`Utgx0NKB?^
zl3C`#oxPK_8dT-`AMNPL+QCSAVV2x}5}62=7iWkklaOUMar_zi1PbCi4qT%TyutP%
zCGB-ECrOnFxTfr*G{05rTA=mi(qD?okh<<^plJOwHNWqMGpV7Zrp+B~w{vtrPcc;&
zSJ<sOwCuyBfDNrv$Zw`pUpv0WF3vZTfBRNv9K4JFS>5$UD^35ILGT^rEjhP>`Z=3>
zx|1p|t=9qdGQVqU$9;@R)gxik4~{LN-{KPF2oaWjKRV8MRH`JBHaf@a<tU-Ade_}J
z*#r^(wp}~A1P9sU9?QQe9T^qlyQ6>RCUi+R3gTa$z@SidygQ=KF!D793e=~uia3%`
zz%J<t{=Cwn1vianV&O&lJ%c(cjkj%bq6-d@7fH?C_U9E8h5-dR360V1q-SOtw;7kL
zpOEPrs806Fjb~O<cQ32-ZDJn_Q{M!+t0ugf*9WEQ7*SYA(Zoo)?!xLB<q?4W@_a6P
zfv;WJ>6fq-WtEmUud4F04`hTA-o}ga9RvJgmwx;jJaxxLu3G1iX^nh~?Qpb$L?%vJ
z>8f)-PBIr>G+8TPedcIE{)VV`YX%VAfnzH`wdXC`SsD77DauV1i>BmnTyZ@b>BcsL
zl!rkMB!#xwr<;~c8i_y2jlCnrx6NV}%UFo;<n1HDt@6_`A1kH<bD(Z<9Q3GH4G_33
z?!o2h#?!xS8a?Peq3W^EV(p=CWoEZ}3ZeMr^!fD4Q3r(!q-+ww2T?n(d#tyPP|vcH
z$-o+obv$!rAIGbHT;$mnzy0N{l=_E8ZY&DzimPBc3b-ZbT@##)jl1+UiEQji^h4SS
z5I0uDOvFg;poTaG8N&?-clldfQ<Tr2Zot0eb}FHREczf>(j2lwD0ui<$Iv)`7D@?L
zNBG#c4GgWZVh6M&)g-t&DK8h>`*|X<2sKuP)+p}^60<%Qf2h#JL(%XeY{BidIu-ji
ziy#a1NcS~XI4QZhE0u16!ddF3$%$asN#^6PZ&F(-XTsB}E%)}cO$M<IejBa?hQNvW
zk9`KZ%R&UnbLK`$jgS2aWelUcO}_WbF<ba#)n!Z)gfAWGX}2Uk<{R^}V|M)v<L!=D
z1e<@&WJ>+Yq5ZC)LC<j3#)WljXf{Tw{5SSxj%!+m<+TK9PiZwaeMvDnU}0E#{BCU2
z0RnengFXmVa$NUd$s&h%4g=_pj$e53HMBL?xYto0S=(0iD}t9b$7O$tMCmj9uIek1
z5VXt>z39$yn(W5Y{Gev*Z(MHNG_p>r1wBVz#H&%)v6qm9Ro6PdVEHDa4`DpuD&M;Q
zoYFKdJj%2d#n=HP$+PmpFXh$JL(CBoDUtI{M!U(r^T=NL1!F>1u_WRYnE%F1=d**p
zp7MiXePZYc#OO9zr{f;6Hw~Wy>!o6LyWbJgddZ_tin@CmEQiV<GC!Lb3wg6yshU;$
zDV)7l=Chj925al;l9SZoP~BRvUjfdbkSsYhYkT08&;uH+*O{E}RrfK`AbJ5c6Nv}n
z-2W6Uh+cvLNGEKP3x4i?^P+mMRnP_-lo`MC@<d!+Ttb}UpEnpEK!^wA%v9X`Wblbh
qAQR_^IR^E;5cR0L4yf46;fPrnbwWs+07)LLJpE*BL3Z@ts{IeijC^DO

literal 0
HcmV?d00001

diff --git a/tests/fixtures/certs/cert_cpf_90483926086_minhasenha.pfx b/tests/fixtures/certs/cert_cpf_90483926086_minhasenha.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..1bce3304bc0d59f13c157a9b3d07e2bd86825b21
GIT binary patch
literal 3875
zcmai%Ra6uV*M%7v8ioNJq-E%4h9RUyLb^MY21UB1N4f+NBxOh?MWiJZ2802L83{>A
z>F)ge*8i{fz5FiDI&1HJaqjkd4h%_k4<A4PLxRSLNcm&bVooUm!~hf$)C)v{y8hZ7
zFeEAezY!4%Ny_xsx{D9M`@6vZCIHxze*_^V%m4=eS5m+@f#B6gzK&Z}7cg#gURy*Q
zR~0@!2_B4sh~)pS;*%2M!B~h$ZDP~_js!peKM?$)d$}gOdSMAAPgMP@;bbHNNrLKr
z_TFP0TB!1QZnLKdx#u9)wYo4^TBn?6ybw9A^<Jbab7pPsvK5F!jYW?#F_zIYix6Ii
z8XOz)e$cb<;Wi5A^Q5txM%MOoGL53O6++y|wj8JejA8uFW(n8d9(J>;N6nsR@~|MH
z%stO^nUw^p_r_C1+2ve<L2y@_Y%QgLT78dJHJ9pIy*A1tKEqy7lg0YujIiIhb;E7!
zHFLZfz=u?&Shgo@)8?1V(r94uiunCcd=Pl%&CBqY=eunm(>)Fq0G&ma;rZtVVA&<9
z3V+X0UbwIB+KC2^1nvRX5>un`H?uA=euTsSI){X=yi}gRFBW$id9j=IZEj=J&zbc2
zZ4fU~eJmg^&V-hFX;wmU=Z!)I?u`IVm=rRoji8Q|cZ`Z9i|u%UaJ{VL2d$1tv(rOF
znJBOmacT1BQ_Cm&xAl7QkJOJNR)aX5+ll5~l=uK6st)ZgJr=d93MeDH^AhM#`NFZi
zhAVWkbtLocVF}MgJ_+H?&E4_maJ8v157Z$HV){_uzH2ufLRWD)BPrb9xHMb84Y?KA
z;-d2?b4b(OQp{nWW4NBygEfC~x&eX|@;*a^Ca1;1_Nd3=c)4QQbWQ6?9Tb&#S@17}
zg|03?NqIOW%wBxZ>?9DPcVup4C=>&}8SGBP;dOqOOLFB`=Wp<8TC>wYkeLj)q6f>q
zvfP{FgBu>Ho^L~wN4au;;+4Ld$>q*GkT5t*^@YuBoxvaHuJ95Q9)d9CyT3St824_h
zin)S^F=5pWj)`kFA$Z9EHx7}K&4ldl5Eh*zl!sa@27UUK=u{ryiJqU|>t}bIFPMhz
z6EJhs=wa`;=;$-$@u~G8Bbc@tho48%O4W@Jv>D%n+M!d0KQG;W^TFnY_wx{FcV{sM
zt8bqaDS=xc-hI|Q{S?dv22RjZ3I@4wX?N<mOc|M6luuQiRAU+sUE+x8E26fp%eVA`
zc2;c^>IB4=kCH8nrwv~JtdXQmM5WBC0px8z56%oQMQSx~Gfk*dWt2Tb7q|_uTgm2N
z9i-<fC@*e7s}9?SbybQH2u0tAR^M^{jP$!{h&7<{Y;=|xub9rtlr^b|1LWS7Kc4YV
zHh!J#`z<c~6@Uk+7)|-<bA#@*OW7zU5ku=xk2A3h#yHDuN)HVF+feK1nqhLnKe*ie
zE$zamKd@aN>|>c;TM7FwvN1<Px$cmv)sKIEO6zskgxTnQh8n27CY+`Io+IgI*<tOW
zTBWkX3u99o|2gRG9?K7>u-knd?1A&%#sOq*%<s&&1*2X+Mx%ujQVIG|@SL9HnWPSb
z@W4rW4ThA1?KMK&l5Bgd*nEV$VBH@V;u7@M+rO}cm7Y#z(knl%fx9#1YKPOfh}xhb
zv+>n>s<uQ{D}n07g2m0^!9*m)uV;~0udEfnt*mc*x7=w$P>`2?>%J0tA10w$FtTW*
zcp|HYyQc3LyA6*U<)oF8?t4#3kM&c}pAC9B&1|HpDA_&0v?4ysF#2|D{OT7E{fit8
zG)&)4kG^tC6ky+^<-zL{-`wUIksx;@qAX8Nn)H2v1WerQTkzDxZqnktYx73N2Zp;H
z?AL7;PN3boa_QM8?>(70H3b(Z9v7Q(eU-YrYE;(ia2-;W*0Rrxw2~=W;^(j3>8W@S
zj%g1Ouhn&Gv0iiVr`vl)^OSHGfYD8+M1Y6CUn<`%r-{tk;)=iFiv+Bw8D=nXfF<Bp
z)^Zc+P-RMf3BNOnUkF+^ovbx?_IhkyY@+pwS%W7=TQ%^Rra%thhA5iy&yQet#nrr*
zbF&8;wwvKyV+B#URVz#>HjG6A0FO|*o}1X;uB0o~MHmWEqj*W%@qwd)<%!7tYjyXx
z^{1pY;;L2!l^^NW+W606s=u__6hDkhlh%ynYG9AhO!PL}zc75!st3FXKBs~yHUT)r
zc0`NIBrZiE`25x!iW6c<{`+_}dSQpTvJGs+J#24!{9lCX2Q=+xrNCr*OHrn)w_{FT
zc1eaf%s?I>B37gy#&Z8fg@xQXRo^8xFEIqmqW&>RI|8)0M2x+?yjC{j7dQZX?PN)3
z#(Xg73F}v=lf>Kes`2;Eq#5`a823BX#u57ocEWbrFS;0K)Fm048hr1=>H0}$mfGvn
z!G*vlp7~(TCFzeosISIi{OfL+exv={xU&O-$Av5q@D6mUoBXD&GBPxH^f5x!vmJtI
z)(27NpqctrT>H{zII6FbTMXsAcII_g9~JJRv!k_2RLbskM1|7IwS0Xo(wiMA+NE+9
z4H2OmblIu0Yd1s)6j)^CUSbQpXjoabHqwt>4Wz|*=SlJ!7T9Q{Cf3VAthosng!}Gb
zvjlV}HNw8f1T^9NbYx9yQJK%pDTMd*<E5r_pNy>_ybwQgfdhTA&cirS>M{^3$1+hF
z2xBR2&gKlZ*Lr$8C-fjeYEwWKb#Yu`sx%BZO{Y?k5ooF}CEPURdVhFLu!>kM^|fl+
zDE3&MEVf-eyKpg<Dpo|Al@zxaReM-|!ev5hHI~f?_+?&+P9W;+zxUgA%y5%<ZL)>9
zsQB-Pdmq5l3i&q3o<M3$&k<iU9U382xRFyb*SQBt@uK_fX#!R>I8Eo0`AqSRRr%*N
zN&(v3j`Wmgc(S37$nVNlC<OK;idq<8um{kG@^j<4B2Ca&dVNG6ur2@=0y0pxYlKxr
zADa&1<PR;A@0NmI;eE4>#Xn|0lh(Nhz5Sh=>3G<TiHx%Lqkuh=EBId1S9r!18eb<%
za!?ghkg}UR@Q(SAcnggzpB{PNgL3k-6Z({!rVV>|$AXrN%zA25V9bPKns)M%Q(i&L
z0Y>^%9tnype_uz4eJ6&P`GB>w1Rpp*RxVn(swsTr+m2VAr>AnicWMRMIG>^x8mW2A
zAVfgDefXul*C3xj>vYBXaN8G#Bux5;d;SYjgrPtrVbEXO@9%gKk^etqQIG-f|Atb3
zP4WK)PF`KJ%du+4j3TubXz5E5)&B`j-`dx>T_5K^p^o$Cz)gRN1tNhXJ1BJNc1H5>
z$3}{cJOZH%z%bV9QTpLKb(cv8h@dr?WsI6%ia~beFsKaESbh>e+H9~<+v@;mYAXr$
zu~^g?XRGa-<ksL{EGnT<?X??}j&}_OO*VeV&*`5yA)f~CRtX?7#jjpS-g|YT^C#PU
zMaCe*((3sUQdUbe{FXU)3b8KvVN&LalCxW>S(TQ7Kp@uV4PCEl&l=%FmmR__0KplD
zD$iaS>8kBTsxci?lWT<!T2Q6#;6rJAl1&c{o*_5uUV)#y&9KjcidXC`*k5f>F1u84
zH}x`pF(R2On5oi4;x|Wt%8VgV&h#=vk}0)Gr_ynTv;Hb8&o|-uprf`#lQoLv#3A34
zD7jF^4JgL4w8xDnj#-@+>iipaxc50rRdQ%?9x>5U{%vS(ija!QC`EkI+gPwQpsoU$
z2@2_T6iX@wCS+}_wbihiFw<4fSdKFS<$d089i<&xHmfp_6N54Dx`B^bwt@;2b_pWT
z=U!j>$?j|sk~%vMCHdEfSVP}|Zp~|ES&ZPSC!xiDcv9}Y^}ZX)2awjv*Q-B>ARK*c
z&lGYrq~rhztcsJWvE7Ssz}uY0qTucs^#tYvw0LF8_|ggS8SAtDo~SLXH`}OB;;yw9
zM4$op5fOI8x~H%Ejor^2+!~lO5x_q5*t{mYTlCaWT?|3&SJWFmEGnSbjO0lzH?#xz
zhko*Y;NHKS=x%uAx?@CbS1$6?5m6i`5YUl6#%m96oXOIII-_2MSFYs`%-(>sJ*jV&
zbdpUR<xd*z^Ol}f{PrkvKbp7+m9YM~i1$tNbY~-J1DAa)8~*C1qebyiF+;qEuwq|8
z_qgut>0$JhEz5&W-^>L+{j6tIudY#IzcZj=(MO+Ge~uo}7YCfz544;Yls!q4rmxLK
zN1EH>F_;S4EH9X2kBVPrazYrn9P`qO06#2`>Rp8Ma)qfXJ=!C0UH6ryswEip&z{zi
zNg!XERt0|lqBqx1>p80`y9p~VFzRJWKR<gTzESJg&?bJwd{wu=B5zk&APWXQrwH&A
zDrfD@SRlo7L;gB)GM9^q##L9No!}Xl-D~PUPs^7E6W`}Mi+eZSX(RKjjLF~kF7Bs~
zKzI?LxY^7MwQgc8DqD|#oe#4o?2}blp9$quJ}^xb^@&=3QBBqBDD&0+R7tRNQ-gzV
z$U$D_lStV-ZHw!eUxZeCQqph|vtHkZB7%+x`>EV5YQ%P-{@gCUM6#T^_Ei-~N{9fO
z3%0prTeYO7C0}=wpKHdC{Zsh4Cvb;ShgFaB5AuNOI7NsysA<}r^=_K*8}I#}54(3r
zzOlVKqHR5yrQ)P@b=n=HAEFu@8qc@diWb&>E$FmBn@mExthVW&8e=KY%A43-M`bmO
z`n=Ca%pmj{5c*b}Ea&Bot$Te$11ea-K%q-9`um?`SG7O>I?qU_-rqdZ{VsYCGih&i
z>JVBkQ8g|$>3n}U+BZD!p-31V81<VHLzj@SwA*GxWnBKag-tZ3dO}b6Kzr5vwP-%B
z^7oOxT}!gpSZ+||b!bU6r(vk#h^9Ja6#1-Gl%ZUwP1Q=3_{Gr23@yzP*3fGP&sEC}
z9bTB$(c>S*Q<!o*U($lg4t5S?9+GuczP8cjBRQN4#_><ll0x8gz&oXrs+7V%nwrt<
z{chp`eBs#Nj507q7#v3V&s&KPAjAW*)qddziJKo?bPTqWZ?GFWw&=b~en;`{Vycp)
W&dVhv1xRxFQ!iw*jt>6cs{IeKJwI0f

literal 0
HcmV?d00001