From ff97c2f604447a7db67cb303772d0cefd8c10c28 Mon Sep 17 00:00:00 2001
From: Dave Smith <smith@wiresareobsolete.com>
Date: Thu, 21 May 2015 15:09:25 -0600
Subject: [PATCH 01/14] Move to Gradle project format. Include separate
 encryption methods.

---
 .classpath                                    |   7 -
 .gitignore                                    |  51 +--
 .project                                      |  33 --
 AndroidManifest.xml                           |  17 -
 NOTICE                                        | 190 ----------
 README.asciidoc                               |  14 +-
 app/.gitignore                                |   1 +
 app/build.gradle                              |  19 +
 app/src/main/AndroidManifest.xml              |  19 +
 .../securenote/GetPasswordActivity.java       |  28 +-
 .../securenote/SecureNoteActivity.java        | 275 ++++++++++++++
 .../securenote/crypto/PasswordEncryptor.java  | 123 +++++++
 .../crypto/RSAHardwareEncryptor.java          | 159 ++++++++
 .../main/res}/drawable-hdpi/ic_menu_login.png | Bin
 .../main/res}/drawable-mdpi/ic_menu_login.png | Bin
 app/src/main/res/layout/get_password.xml      |  42 +++
 app/src/main/res/layout/secure_note.xml       |  66 ++++
 app/src/main/res/menu/secure_note.xml         |   7 +
 app/src/main/res/mipmap-hdpi/ic_launcher.png  | Bin 0 -> 1150 bytes
 app/src/main/res/mipmap-mdpi/ic_launcher.png  | Bin 0 -> 834 bytes
 app/src/main/res/mipmap-xhdpi/ic_launcher.png | Bin 0 -> 1681 bytes
 .../main/res/mipmap-xxhdpi/ic_launcher.png    | Bin 0 -> 2835 bytes
 .../main/res/mipmap-xxxhdpi/ic_launcher.png   | Bin 0 -> 4138 bytes
 {res => app/src/main/res}/values/strings.xml  |   0
 build.gradle                                  |  15 +
 gradle/wrapper/gradle-wrapper.jar             | Bin 0 -> 49896 bytes
 gradle/wrapper/gradle-wrapper.properties      |   6 +
 gradlew                                       | 164 +++++++++
 gradlew.bat                                   |  90 +++++
 proguard.cfg                                  |  36 --
 project.properties                            |  11 -
 res/drawable-hdpi/icon.png                    | Bin 4147 -> 0 bytes
 res/drawable-ldpi/icon.png                    | Bin 1723 -> 0 bytes
 res/drawable-mdpi/icon.png                    | Bin 2574 -> 0 bytes
 res/layout/get_password.xml                   |  22 --
 res/layout/secure_note.xml                    |  26 --
 res/menu/secure_note.xml                      |   6 -
 settings.gradle                               |   1 +
 .../android/securenote/CryptUtil.java         |  79 ----
 .../securenote/SecureNoteActivity.java        | 346 ------------------
 40 files changed, 1003 insertions(+), 850 deletions(-)
 delete mode 100644 .classpath
 delete mode 100644 .project
 delete mode 100644 AndroidManifest.xml
 delete mode 100644 NOTICE
 create mode 100644 app/.gitignore
 create mode 100644 app/build.gradle
 create mode 100644 app/src/main/AndroidManifest.xml
 rename {src/com/marakana => app/src/main/java/com/example}/android/securenote/GetPasswordActivity.java (81%)
 create mode 100644 app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
 create mode 100644 app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
 create mode 100644 app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
 rename {res => app/src/main/res}/drawable-hdpi/ic_menu_login.png (100%)
 rename {res => app/src/main/res}/drawable-mdpi/ic_menu_login.png (100%)
 create mode 100644 app/src/main/res/layout/get_password.xml
 create mode 100644 app/src/main/res/layout/secure_note.xml
 create mode 100644 app/src/main/res/menu/secure_note.xml
 create mode 100644 app/src/main/res/mipmap-hdpi/ic_launcher.png
 create mode 100644 app/src/main/res/mipmap-mdpi/ic_launcher.png
 create mode 100644 app/src/main/res/mipmap-xhdpi/ic_launcher.png
 create mode 100644 app/src/main/res/mipmap-xxhdpi/ic_launcher.png
 create mode 100644 app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
 rename {res => app/src/main/res}/values/strings.xml (100%)
 create mode 100644 build.gradle
 create mode 100644 gradle/wrapper/gradle-wrapper.jar
 create mode 100644 gradle/wrapper/gradle-wrapper.properties
 create mode 100755 gradlew
 create mode 100644 gradlew.bat
 delete mode 100644 proguard.cfg
 delete mode 100644 project.properties
 delete mode 100644 res/drawable-hdpi/icon.png
 delete mode 100644 res/drawable-ldpi/icon.png
 delete mode 100644 res/drawable-mdpi/icon.png
 delete mode 100644 res/layout/get_password.xml
 delete mode 100644 res/layout/secure_note.xml
 delete mode 100644 res/menu/secure_note.xml
 create mode 100644 settings.gradle
 delete mode 100644 src/com/marakana/android/securenote/CryptUtil.java
 delete mode 100644 src/com/marakana/android/securenote/SecureNoteActivity.java

diff --git a/.classpath b/.classpath
deleted file mode 100644
index 6c635c0..0000000
--- a/.classpath
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" path="src"/>
-	<classpathentry kind="src" path="gen"/>
-	<classpathentry kind="con" path="com.android.ide.eclipse.adt.ANDROID_FRAMEWORK"/>
-	<classpathentry kind="output" path="bin/classes"/>
-</classpath>
diff --git a/.gitignore b/.gitignore
index 0fd5efe..5bfe9e5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,44 +1,7 @@
-# Compiled source #
-###################
-*.com
-*.class
-*.dll
-*.exe
-*.o
-*.o.d
-*.so
-
-# Packages #
-############
-# it's better to unpack these files and commit the raw source
-# git has its own built in compression methods
-*.7z
-*.dmg
-*.gz
-*.iso
-*.rar
-*.tar
-*.zip
-
-# Generated code #
-##################
-obj/*
-libs/*
-bin/*
-gen/*
-
-# Logs               #
-######################
-*.log
-
-# OS generated files #
-######################
-.DS_Store*
-ehthumbs.db
-Icon?
-Thumbs.db
-
-# Eclipse Artifacts #
-#####################
-.metadata/*
-
+.gradle
+/local.properties
+/.idea/
+*.iml
+.DS_Store
+/build
+/captures
diff --git a/.project b/.project
deleted file mode 100644
index af23d61..0000000
--- a/.project
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<projectDescription>
-	<name>SecureNote</name>
-	<comment></comment>
-	<projects>
-	</projects>
-	<buildSpec>
-		<buildCommand>
-			<name>com.android.ide.eclipse.adt.ResourceManagerBuilder</name>
-			<arguments>
-			</arguments>
-		</buildCommand>
-		<buildCommand>
-			<name>com.android.ide.eclipse.adt.PreCompilerBuilder</name>
-			<arguments>
-			</arguments>
-		</buildCommand>
-		<buildCommand>
-			<name>org.eclipse.jdt.core.javabuilder</name>
-			<arguments>
-			</arguments>
-		</buildCommand>
-		<buildCommand>
-			<name>com.android.ide.eclipse.adt.ApkBuilder</name>
-			<arguments>
-			</arguments>
-		</buildCommand>
-	</buildSpec>
-	<natures>
-		<nature>com.android.ide.eclipse.adt.AndroidNature</nature>
-		<nature>org.eclipse.jdt.core.javanature</nature>
-	</natures>
-</projectDescription>
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
deleted file mode 100644
index 07d73e1..0000000
--- a/AndroidManifest.xml
+++ /dev/null
@@ -1,17 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
-	package="com.marakana.android.securenote" android:versionCode="1"
-	android:versionName="1.0">
-	<uses-sdk android:minSdkVersion="10" />
-
-	<application android:icon="@drawable/icon" android:label="@string/app_name">
-		<activity android:name=".SecureNoteActivity" android:label="@string/app_name">
-			<intent-filter>
-				<action android:name="android.intent.action.MAIN" />
-				<category android:name="android.intent.category.LAUNCHER" />
-			</intent-filter>
-		</activity>
-		<activity android:name=".GetPasswordActivity" android:label="@string/get_password_label"
-			android:theme="@android:style/Theme.Dialog" android:exported="false" />
-	</application>
-</manifest>
\ No newline at end of file
diff --git a/NOTICE b/NOTICE
deleted file mode 100644
index 1c6e3c4..0000000
--- a/NOTICE
+++ /dev/null
@@ -1,190 +0,0 @@
-
-   Copyright (c) 2005-2012, Marakana Inc.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
diff --git a/README.asciidoc b/README.asciidoc
index b6cf4fc..d4ece7d 100644
--- a/README.asciidoc
+++ b/README.asciidoc
@@ -1,13 +1,5 @@
-= About This Project
+= Storage Encryption
 
-This Android Eclipse project demonstrates how [not] to protect data in an Android application.
+This project was created to support various http://thenewcircle.com/training/android/[NewCircle Android Training] courses.
 
-This code was developed to support Marakana's Android Training courses.
-
-For more info, see http://marakana.com/training/android/
-
-== Legal
-
-Please see ++NOTICE++ file in this directory for copyright, license terms, and legal disclaimers.
-
-Copyright © 2012 Marakana Inc.
+This application is intended to demonstrate the use of Java cryptography to encrypt data in Android.
diff --git a/app/.gitignore b/app/.gitignore
new file mode 100644
index 0000000..796b96d
--- /dev/null
+++ b/app/.gitignore
@@ -0,0 +1 @@
+/build
diff --git a/app/build.gradle b/app/build.gradle
new file mode 100644
index 0000000..10af4f3
--- /dev/null
+++ b/app/build.gradle
@@ -0,0 +1,19 @@
+apply plugin: 'com.android.application'
+
+android {
+    compileSdkVersion 22
+    buildToolsVersion "22.0.1"
+
+    defaultConfig {
+        applicationId "com.example.android.securenote"
+        minSdkVersion 18
+        targetSdkVersion 22
+    }
+
+    buildTypes {
+        release {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
+        }
+    }
+}
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
new file mode 100644
index 0000000..0800f33
--- /dev/null
+++ b/app/src/main/AndroidManifest.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+	package="com.example.android.securenote">
+
+	<application android:icon="@mipmap/ic_launcher"
+		android:label="@string/app_name">
+		<activity android:name=".SecureNoteActivity"
+			android:label="@string/app_name">
+			<intent-filter>
+				<action android:name="android.intent.action.MAIN" />
+				<category android:name="android.intent.category.LAUNCHER" />
+			</intent-filter>
+		</activity>
+		<activity android:name=".GetPasswordActivity"
+			android:label="@string/get_password_label"
+			android:theme="@android:style/Theme.Holo.Dialog"
+			android:exported="false" />
+	</application>
+</manifest>
\ No newline at end of file
diff --git a/src/com/marakana/android/securenote/GetPasswordActivity.java b/app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
similarity index 81%
rename from src/com/marakana/android/securenote/GetPasswordActivity.java
rename to app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
index 4cd1d16..ebfe3d3 100644
--- a/src/com/marakana/android/securenote/GetPasswordActivity.java
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
@@ -1,5 +1,5 @@
 
-package com.marakana.android.securenote;
+package com.example.android.securenote;
 
 import java.security.NoSuchAlgorithmException;
 
@@ -14,23 +14,18 @@
 import android.widget.Button;
 import android.widget.EditText;
 
-public class GetPasswordActivity extends Activity implements OnClickListener, TextWatcher {
-    private static final String TAG = "GetPasswordActivity";
+public class GetPasswordActivity extends Activity implements
+        OnClickListener, TextWatcher {
+    private static final String TAG = GetPasswordActivity.class.getSimpleName();
 
     public static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
-
     public static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
-
     public static final String PASSWORD_RESPONSE_PARAM = "password";
 
     private EditText password;
-
     private EditText passwordVerification;
-
     private Button ok;
-
     private Button cancel;
-
     private int minPasswordLength;
 
     @Override
@@ -71,19 +66,8 @@ protected void onPause() {
     public void onClick(View v) {
         if (v == this.ok) {
             Intent reply = new Intent();
-            int passwordLength = this.password.getText().length();
-            byte[] password = new byte[passwordLength * 2];
-            for (int i = 0; i < passwordLength; i++) {
-                char ch = this.password.getText().charAt(i);
-                password[i * 2] = (byte)(ch >> 8);
-                password[i * 2 + 1] = (byte)ch;
-            }
-            try {
-                reply.putExtra(PASSWORD_RESPONSE_PARAM, CryptUtil.getKey(password, true));
-            } catch (NoSuchAlgorithmException e) {
-                Log.wtf(TAG, "Failed to get key for password", e);
-                super.setResult(RESULT_CANCELED, reply);
-            }
+            String password = this.password.getText().toString();
+            reply.putExtra(PASSWORD_RESPONSE_PARAM, password);
             super.setResult(RESULT_OK, reply);
         } else if (v == this.cancel) {
             super.setResult(RESULT_CANCELED);
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
new file mode 100644
index 0000000..fbe35ea
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -0,0 +1,275 @@
+
+package com.example.android.securenote;
+
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.io.Writer;
+import java.nio.CharBuffer;
+import java.security.Key;
+
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
+
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.DialogInterface;
+import android.content.Intent;
+import android.os.AsyncTask;
+import android.os.Bundle;
+import android.text.Editable;
+import android.text.TextWatcher;
+import android.util.Log;
+import android.view.Menu;
+import android.view.MenuItem;
+import android.view.View;
+import android.view.View.OnClickListener;
+import android.widget.Button;
+import android.widget.EditText;
+import android.widget.RadioGroup;
+import android.widget.TextView;
+import android.widget.Toast;
+
+import com.example.android.securenote.crypto.PasswordEncryptor;
+import com.example.android.securenote.crypto.RSAHardwareEncryptor;
+
+public class SecureNoteActivity extends Activity implements
+        OnClickListener, TextWatcher {
+    private static final String TAG = SecureNoteActivity.class.getSimpleName();
+
+    private static final String PASSWORD_KEY = "password";
+    private static final String CHARSET = "UTF-8";
+    private static final String FILENAME = "secure.note";
+
+    /* Password Activity Actions */
+    private static final int GET_PASSWORD_FOR_LOAD = 1;
+    private static final int GET_PASSWORD_FOR_SAVE = 2;
+
+    private EditText noteText;
+    private TextView resultText;
+    private RadioGroup encryptionSelect;
+    private Button loadButton;
+    private Button saveButton;
+
+    private PasswordEncryptor passwordEncryptor;
+    private RSAHardwareEncryptor hardwareEncryptor;
+
+    @Override
+    public void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.secure_note);
+
+        this.noteText = (EditText) findViewById(R.id.note_text);
+        this.resultText = (TextView) findViewById(R.id.text_result);
+        this.encryptionSelect = (RadioGroup) findViewById(R.id.type_select);
+        this.loadButton = (Button) findViewById(R.id.load_button);
+        this.saveButton = (Button) findViewById(R.id.save_button);
+
+        this.loadButton.setOnClickListener(this);
+        this.saveButton.setOnClickListener(this);
+        this.noteText.addTextChangedListener(this);
+
+        passwordEncryptor = new PasswordEncryptor();
+        hardwareEncryptor = new RSAHardwareEncryptor(this);
+    }
+
+    @Override
+    public boolean onCreateOptionsMenu(Menu menu) {
+        getMenuInflater().inflate(R.menu.secure_note, menu);
+        return true;
+    }
+
+    @Override
+    public boolean onPrepareOptionsMenu(Menu menu) {
+        menu.findItem(R.id.delete_button)
+                .setEnabled(this.isSecureNoteFilePresent());
+        return true;
+    }
+
+    @Override
+    public boolean onOptionsItemSelected(MenuItem item) {
+        switch (item.getItemId()) {
+            case R.id.delete_button:
+                new AlertDialog.Builder(this)
+                        .setMessage(R.string.delete_alert)
+                        .setCancelable(false)
+                        .setPositiveButton(android.R.string.yes,
+                                new DialogInterface.OnClickListener() {
+                                    public void onClick(DialogInterface dialog, int id) {
+                                        deleteSecureNote();
+                                    }
+                                }).setNegativeButton(android.R.string.no, null).show();
+                return true;
+            default:
+                return super.onOptionsItemSelected(item);
+        }
+    }
+
+    private void getPassword(int requestCode, boolean verifyPasswords) {
+        Log.d(TAG, "Getting password");
+        Intent intent = new Intent(this, GetPasswordActivity.class);
+        intent.putExtra(GetPasswordActivity.MIN_PASSWORD_LENGTH_REQUEST_PARAM, 6);
+        intent.putExtra(GetPasswordActivity.VERIFY_PASSWORD_REQUEST_PARAM, verifyPasswords);
+
+        startActivityForResult(intent, requestCode);
+    }
+
+    private boolean isSecureNoteFilePresent() {
+        return getFileStreamPath(FILENAME).exists();
+    }
+
+    @Override
+    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
+        switch (resultCode) {
+            case RESULT_OK:
+                String passkey = data.getStringExtra(
+                        GetPasswordActivity.PASSWORD_RESPONSE_PARAM);
+                switch (requestCode) {
+                    case GET_PASSWORD_FOR_LOAD:
+                        this.loadSecureNote(passkey);
+                        break;
+                    case GET_PASSWORD_FOR_SAVE:
+                        this.saveSecureNote(passkey);
+                        break;
+                }
+                break;
+            case RESULT_CANCELED:
+                Log.d(TAG, "Canceled result. Ignoring.");
+                break;
+            default:
+                Log.w(TAG, "Unexpected result: " + resultCode);
+        }
+    }
+
+    public void onClick(View v) {
+        int encryptionType = this.encryptionSelect.getCheckedRadioButtonId();
+        switch (v.getId()) {
+            case R.id.load_button:
+                if (encryptionType == R.id.type_password) {
+                    getPassword(GET_PASSWORD_FOR_LOAD, false);
+                } else {
+                    loadSecureNote(null);
+                }
+                break;
+            case R.id.save_button:
+                if (encryptionType == R.id.type_password) {
+                    getPassword(GET_PASSWORD_FOR_SAVE, true);
+                } else {
+                    saveSecureNote(null);
+                }
+                break;
+            default:
+                throw new IllegalArgumentException("Invalid Button");
+        }
+    }
+
+    @Override
+    protected void onDestroy() {
+        super.onDestroy();
+        this.noteText.getText().clear();
+    }
+
+    private void deleteSecureNote() {
+        Log.d(TAG, "Deleting note");
+        if (super.getFileStreamPath(FILENAME).delete()) {
+            toast(R.string.deleted_note);
+            Log.d(TAG, "Deleted note");
+        } else {
+            toast(R.string.failed_to_delete);
+            Log.e(TAG, "Failed to delete note");
+        }
+    }
+
+    private void saveSecureNote(final String passkey) {
+        Log.d(TAG, "Saving note");
+        new AsyncTask<String, Void, Boolean>() {
+
+            @Override
+            protected Boolean doInBackground(String... strings) {
+                try {
+                    OutputStream out = openFileOutput(FILENAME, MODE_PRIVATE);
+                    String note = strings[0];
+                    if (passkey == null) {
+                        hardwareEncryptor.encryptData(note.getBytes(), out);
+                    } else {
+                        passwordEncryptor.encryptData(passkey, note.getBytes(), out);
+                    }
+                    Log.d(TAG, "Saved note to " + FILENAME);
+
+                    return true;
+                } catch (Exception e) {
+                    Log.e(TAG, "Failed to save note to " + FILENAME, e);
+                    getFileStreamPath(FILENAME).delete();
+                    return false;
+                }
+            }
+
+            @Override
+            protected void onPostExecute(Boolean result) {
+                if (result) {
+                    SecureNoteActivity.this.noteText.getText().clear();
+                    toast(R.string.saved_note);
+                } else {
+                    toast(R.string.failed_to_save);
+                }
+            }
+
+        }.execute(this.noteText.getText().toString());
+    }
+
+    private void loadSecureNote(final String passkey) {
+        Log.d(TAG, "Loading note...");
+        new AsyncTask<Void, Void, String>() {
+            @Override
+            protected String doInBackground(Void... params) {
+                try {
+                    InputStream in = openFileInput(FILENAME);
+                    byte[] decrypted;
+                    if (passkey == null) {
+                        decrypted = hardwareEncryptor.decryptData(in);
+                    } else {
+                        decrypted = passwordEncryptor.decryptData(passkey, in);
+                    }
+                    Log.d(TAG, "Loaded note from " + FILENAME);
+                    return new String(decrypted);
+                } catch (Exception e) {
+                    Log.e(TAG, "Failed to load note from " + FILENAME, e);
+                    return null;
+                }
+            }
+
+            @Override
+            protected void onPostExecute(String result) {
+                if (result == null) {
+                    toast(R.string.failed_to_load);
+                } else {
+                    SecureNoteActivity.this.resultText.setText(result);
+                    toast(R.string.loaded_note);
+                }
+            }
+        }.execute();
+    }
+
+    private void toast(int resId) {
+        Toast.makeText(this, resId, Toast.LENGTH_LONG).show();
+    }
+
+    public void afterTextChanged(Editable s) {
+        this.saveButton.setEnabled(true);
+    }
+
+    @Override
+    public void beforeTextChanged(CharSequence s,
+                                  int start,
+                                  int count,
+                                  int after) { }
+
+    @Override
+    public void onTextChanged(CharSequence s,
+                              int start,
+                              int before,
+                              int count) { }
+}
diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
new file mode 100644
index 0000000..18e4555
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
@@ -0,0 +1,123 @@
+package com.example.android.securenote.crypto;
+
+import android.util.Base64;
+import android.util.Base64OutputStream;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.Reader;
+import java.io.StringReader;
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.CipherOutputStream;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+public class PasswordEncryptor {
+
+    private static final String ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding";
+    private static final int KEY_LENGTH = 256;
+    private static final int SALT_LENGTH = KEY_LENGTH / 8;
+    private static final String DELIMITER = "&";
+
+    private SecureRandom mSecureRandom;
+
+    public PasswordEncryptor() {
+        // Do *not* seed secureRandom! Automatically seeded from system entropy.
+        mSecureRandom = new SecureRandom();
+    }
+
+    /**
+     * Return a cipher text blob of encrypted data, Base64 encoded.
+     *
+     * @throws GeneralSecurityException
+     */
+    public void encryptData(String passphrase, byte[] data, OutputStream out) throws GeneralSecurityException, IOException {
+        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
+
+        byte[] salt = new byte[SALT_LENGTH];
+        mSecureRandom.nextBytes(salt);
+
+        byte[] iv = new byte[cipher.getBlockSize()];
+        mSecureRandom.nextBytes(iv);
+
+        Key key = generateSecretKey(passphrase.toCharArray(), salt);
+        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
+
+        //Pack the result in a cipher text blob
+        final byte[] encrypted = cipher.doFinal(data);
+        try {
+            out.write(Base64.encode(salt, Base64.NO_WRAP));
+            out.write(DELIMITER.getBytes());
+            out.write(Base64.encode(iv, Base64.NO_WRAP));
+            out.write(DELIMITER.getBytes());
+            out.write(Base64.encode(encrypted, Base64.NO_WRAP));
+
+            out.flush();
+        } finally {
+            out.close();
+        }
+    }
+
+    /**
+     * Return decrypted data from the received cipher text blob.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    public byte[] decryptData(String passphrase, InputStream in) throws GeneralSecurityException, IOException {
+        //Unpack cipherText
+        String cipherText = readFile(in);
+        String[] fields = cipherText.split(DELIMITER);
+        if (fields.length != 3) {
+            throw new IllegalArgumentException("Not a valid cipher text blob");
+        }
+
+        final byte[] salt = Base64.decode(fields[0], Base64.NO_WRAP);
+        final byte[] iv = Base64.decode(fields[1], Base64.NO_WRAP);
+        final byte[] encrypted = Base64.decode(fields[2], Base64.NO_WRAP);
+
+        Key key = generateSecretKey(passphrase.toCharArray(), salt);
+        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
+
+        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
+
+        return cipher.doFinal(encrypted);
+    }
+
+    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException {
+        // Number of PBKDF2 hardening rounds to use. Larger values increase
+        // computation time. You should select a value that causes computation
+        // to take >100ms.
+        final int iterations = 1000;
+
+        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+        KeySpec keySpec = new PBEKeySpec(passphraseOrPin, salt, iterations, KEY_LENGTH);
+        byte[] keyBytes = secretKeyFactory.generateSecret(keySpec).getEncoded();
+        return new SecretKeySpec(keyBytes, "AES");
+    }
+
+    private String readFile(InputStream in) throws IOException {
+        InputStreamReader reader = new InputStreamReader(in);
+        StringBuilder sb = new StringBuilder();
+
+        char[] inputBuffer = new char[2048];
+        int read;
+        while ((read = reader.read(inputBuffer)) != -1) {
+            sb.append(inputBuffer, 0, read);
+        }
+
+        return sb.toString();
+    }
+}
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
new file mode 100644
index 0000000..26c3c7a
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
@@ -0,0 +1,159 @@
+package com.example.android.securenote.crypto;
+
+import android.content.Context;
+import android.content.SharedPreferences;
+import android.security.KeyChain;
+import android.security.KeyPairGeneratorSpec;
+import android.util.Base64;
+import android.util.Base64InputStream;
+import android.util.Base64OutputStream;
+import android.util.Log;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.math.BigInteger;
+import java.nio.ByteBuffer;
+import java.security.GeneralSecurityException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.UnrecoverableEntryException;
+import java.security.cert.CertificateException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Calendar;
+import java.util.Date;
+
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
+import javax.security.auth.x500.X500Principal;
+
+public class RSAHardwareEncryptor {
+    private static final String TAG =
+            RSAHardwareEncryptor.class.getSimpleName();
+    private static final String PROVIDER_NAME = "AndroidKeyStore";
+    private static final String KEY_ALGORITHM = "RSA";
+    private static final String ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
+
+    private static final String KEY_PUBLIC = "publickey";
+    private static final String KEY_ALIAS = "secureKeyAlias";
+
+    private SharedPreferences mPublicKeyStore;
+
+    public RSAHardwareEncryptor(Context context) {
+        mPublicKeyStore = context.getSharedPreferences(
+                "publickey.store", Context.MODE_PRIVATE);
+        try {
+            if (!mPublicKeyStore.contains(KEY_PUBLIC)) {
+                generatePrivateKey(context);
+                Log.d(TAG, "Generated hardware-bound key");
+            } else {
+                Log.d(TAG, "Hardware key pair already exists");
+            }
+        } catch (Exception e) {
+            throw new RuntimeException("Unable to generate key material.");
+        }
+    }
+
+    public void encryptData(byte[] data, OutputStream out) throws GeneralSecurityException, IOException {
+        Key key = retrievePublicKey();
+        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
+        cipher.init(Cipher.ENCRYPT_MODE, key);
+
+        //Encode output to file
+        out = new Base64OutputStream(out, Base64.NO_WRAP);
+        //Encrypt output to encoder
+        out = new CipherOutputStream(out, cipher);
+
+        try {
+            out.write(data);
+            out.flush();
+        } finally {
+            out.close();
+        }
+    }
+
+    public byte[] decryptData(InputStream in) throws GeneralSecurityException, IOException {
+        Key key = retrievePrivateKey();
+        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
+        cipher.init(Cipher.DECRYPT_MODE, key);
+
+        //Decode input from file
+        in = new Base64InputStream(in, Base64.NO_WRAP);
+        //Decrypt input from decoder
+        in = new CipherInputStream(in, cipher);
+
+        return readFile(in).getBytes();
+    }
+
+    public Key retrievePublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
+        String encodedKey = mPublicKeyStore.getString(KEY_PUBLIC, null);
+        if (encodedKey == null) {
+            throw new RuntimeException("Expected valid public key!");
+        }
+
+        byte[] publicKey = Base64.decode(encodedKey, Base64.NO_WRAP);
+        return KeyFactory.getInstance(KEY_ALGORITHM)
+                        .generatePublic(new X509EncodedKeySpec(publicKey));
+    }
+
+    public Key retrievePrivateKey() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException {
+        KeyStore ks = KeyStore.getInstance(PROVIDER_NAME);
+        ks.load(null);
+        KeyStore.Entry entry = ks.getEntry(KEY_ALIAS, null);
+        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
+            Log.w(TAG, "Not an instance of a PrivateKeyEntry");
+            return null;
+        }
+
+        return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
+    }
+
+    private void generatePrivateKey(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+        Calendar cal = Calendar.getInstance();
+        Date now = cal.getTime();
+        cal.add(Calendar.YEAR, 1);
+        Date end = cal.getTime();
+
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM, PROVIDER_NAME);
+        kpg.initialize(new KeyPairGeneratorSpec.Builder(context)
+                .setAlias(KEY_ALIAS)
+                .setStartDate(now)
+                .setEndDate(end)
+                .setSerialNumber(BigInteger.valueOf(1))
+                .setSubject(new X500Principal("CN=" + KEY_ALIAS))
+                .build());
+
+        //Generate and bind the private key to hardware
+        KeyPair kp = kpg.generateKeyPair();
+
+        //Persist the public key
+        PublicKey publicKey = kp.getPublic();
+        String encodedKey = Base64.encodeToString(publicKey.getEncoded(), Base64.NO_WRAP);
+        mPublicKeyStore.edit().putString(KEY_PUBLIC, encodedKey).apply();
+    }
+
+    private String readFile(InputStream in) throws IOException {
+        InputStreamReader reader = new InputStreamReader(in);
+        StringBuilder sb = new StringBuilder();
+
+        char[] inputBuffer = new char[2048];
+        int read;
+        while ((read = reader.read(inputBuffer)) != -1) {
+            sb.append(inputBuffer, 0, read);
+        }
+
+        return sb.toString();
+    }
+}
diff --git a/res/drawable-hdpi/ic_menu_login.png b/app/src/main/res/drawable-hdpi/ic_menu_login.png
similarity index 100%
rename from res/drawable-hdpi/ic_menu_login.png
rename to app/src/main/res/drawable-hdpi/ic_menu_login.png
diff --git a/res/drawable-mdpi/ic_menu_login.png b/app/src/main/res/drawable-mdpi/ic_menu_login.png
similarity index 100%
rename from res/drawable-mdpi/ic_menu_login.png
rename to app/src/main/res/drawable-mdpi/ic_menu_login.png
diff --git a/app/src/main/res/layout/get_password.xml b/app/src/main/res/layout/get_password.xml
new file mode 100644
index 0000000..155371e
--- /dev/null
+++ b/app/src/main/res/layout/get_password.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="match_parent"
+    android:layout_height="wrap_content"
+    android:orientation="vertical"
+    android:padding="5dp">
+
+    <EditText
+        android:id="@+id/password_text"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:filterTouchesWhenObscured="true"
+        android:hint="@string/password_hint"
+        android:inputType="textPassword"/>
+
+    <EditText
+        android:id="@+id/password_verification_text"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:filterTouchesWhenObscured="true"
+        android:hint="@string/password_verification_hint"
+        android:inputType="textPassword"/>
+
+    <LinearLayout
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content">
+
+        <Button
+            android:id="@+id/ok_button"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="@string/ok_button"/>
+
+        <Button
+            android:id="@+id/cancel_button"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="@string/cancel_button"/>
+    </LinearLayout>
+</LinearLayout>
diff --git a/app/src/main/res/layout/secure_note.xml b/app/src/main/res/layout/secure_note.xml
new file mode 100644
index 0000000..ba78038
--- /dev/null
+++ b/app/src/main/res/layout/secure_note.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="fill_parent"
+    android:layout_height="fill_parent"
+    android:orientation="vertical">
+
+    <TextView
+        android:layout_width="fill_parent"
+        android:layout_height="wrap_content"
+        android:gravity="center"
+        android:text="@string/secure_note_title"
+        android:textSize="25sp"/>
+
+    <EditText
+        android:id="@+id/note_text"
+        android:layout_width="match_parent"
+        android:layout_height="0dp"
+        android:layout_weight="1"
+        android:hint="@string/note_text_hint"/>
+
+    <TextView
+        android:id="@+id/text_result"
+        android:layout_width="match_parent"
+        android:layout_height="0dp"
+        android:layout_weight="1"
+        android:gravity="center"/>
+
+    <RadioGroup
+        android:id="@+id/type_select"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:orientation="horizontal">
+        <RadioButton
+            android:id="@+id/type_password"
+            android:layout_width="0dp"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="Password-Based"/>
+        <RadioButton
+            android:id="@+id/type_key"
+            android:layout_width="0dp"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="Key-Based"/>
+    </RadioGroup>
+
+    <LinearLayout
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:orientation="horizontal">
+
+        <Button
+            android:id="@+id/load_button"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="@string/load_button"/>
+
+        <Button
+            android:id="@+id/save_button"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="@string/save_button"/>
+    </LinearLayout>
+</LinearLayout>
diff --git a/app/src/main/res/menu/secure_note.xml b/app/src/main/res/menu/secure_note.xml
new file mode 100644
index 0000000..049301f
--- /dev/null
+++ b/app/src/main/res/menu/secure_note.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<menu xmlns:android="http://schemas.android.com/apk/res/android">
+    <item
+        android:id="@+id/delete_button"
+        android:icon="@android:drawable/ic_menu_delete"
+        android:title="@string/delete_button"/>
+</menu>
diff --git a/app/src/main/res/mipmap-hdpi/ic_launcher.png b/app/src/main/res/mipmap-hdpi/ic_launcher.png
new file mode 100644
index 0000000000000000000000000000000000000000..6395bed10f24161ebccaa91d73ab8f1e4a6c6604
GIT binary patch
literal 1150
zcmV-^1cCdBP)<h;3K|Lk000e1NJLTq002k;002k`1^@s6RqeA!000C<Nkl<Zc-rlo
zT}V_x6o6;$?kZ(OSY{GsQIXh74+T+y^-%Or5Cnw}K|e-CKWGpLZPJsXb7x)CD5Qso
z2$Cqnr^+4#`vcL8dP;(z2n{pz-n(mVXI5Ev-Mx2dyW7s*&Vj=&doOoqzI)D@IWuPn
zK|w)5aj@trJ)x_l&Hm?-I-Qd%Sq~_nx{IMRx}nmoc0DuL;98|KV(47i<P0m~q!v2#
z(yr$joZN-y-E)kaX)U?)G?ff$Dm^^&TFC3AdP`1$#+7wO1KlE2XUaxH^(+$C;$Xuy
zVUa=ARpO{v1aK|@q=7+ier}-Ay%=1s5<1!ezkP+zP$Csj!TO%T_Zk6205ceQ4!`*w
z7pw<w=jTF)KS5{TfsUI&vCs){t3FW8xaKKz6r6z1y#zY;I0YzXmer*-Dr=qLTAUt&
zPW`Y8PDEi8GdMk)C{AUKKnE^|UBhlTQEI5<dR9Ublelz(nE~lWsIyGT9ypAan{=i(
z9B5OIJs&||B(h2v6)$B4oS@IO5*j=j*FjF&g)4Nzo7Px(=>F4~^M3f|+*wm;hA+WA
z<1k0soCUcT=}6c?PIx3XsiZXpH|mO-Q&pKj>>s#Q?3OnuL%wCvN!?(yT4UkB9Z1p5
zz;fs*`223}hVip?nXISnUj=3hSL~A$PJPb&zpxBDbz;n?tdVfGO!rFwXEI(fdPYX~
zs*wc{xY->U0o|7dkV@W2xST;cB?9yzGsAeDrx5b1-7uW*(i?LY#O7U|g@JnaQW@0n
zdy1mlHc~%lHne*u#L0c)db;K~RbnkB>Mf1JpPr6b5Tob8ikf9mXsb6ecrbbZ+C3CA
z<L0E+)&y7Q^oZGzDjFcGi)jtYdVmu&x#y}aaKdZGRtY92uVe*eIdCvCY|9Ej2yz>X
zw=nrfkBU4}0)pJk>OPTJ+XKjY&M^{dD#(%2#U|Il%>gmj3Iv3J5D)@FKnMr{As_^V
zfDjM@LO=)z0U;m+G;>9<)Ft-SEdUJ(h%y2)RMKM!$nRQaQ@sy)ZCWhA$WvLDTt#7(
zMY})SR&-@By3J(SHK41?23Y}xtNdekG^W)@kK4QL!{{DS=Nw(oB*4kOaVV-`!CJbb
zs?@&eoE}SG1)1t95oaZ`ZD$n%@^Vr2(GM{dx1KY#^_--5;h{v;9sM$v-&M*2NaLhM
zzUmHfq6daf39M(#mI+{50=VC`8XEaFW0u3n7npXGNnHj!5Kc{$G8jrLrj@iOs|bs|
zpH@K7Z%P8BC;EPH@g1Vfg=C{7KbAmG#??G>x;F`+2gE6YfDjM@LO=)z0U;pA0x~$Q
zww@@`qX}}m?Mcp$wK~Uw#LU`!7X1ryr_w~ZUBZ)#(@@Kalf?9tAt%gYh2WgY+0`c*
zTlh+shz^0PU5qNt?G?wCl2yEGDm`d$(k<4+r?zqGem3Xj5fl^@l>b0}0}XKHq*z&M
QYXATM07*qoM6N<$f`^U=T>t<8

literal 0
HcmV?d00001

diff --git a/app/src/main/res/mipmap-mdpi/ic_launcher.png b/app/src/main/res/mipmap-mdpi/ic_launcher.png
new file mode 100644
index 0000000000000000000000000000000000000000..1c5dd0a0770c4fda6f574da658cbbfb9bbf7defa
GIT binary patch
literal 834
zcmV-I1HJr-P)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm0009CNkl<Zc-rk+
zO=uJ`6i#NgJJzbzRYAoc5EZF-@?aIAClRbCp@=_M(VIm*d2lHn{9&8SY!?ew@ec*{
zBq~T1+lwcm3Rb~`;130@73yj?^MlowSu5i<rMp8jGeQE79g@l9`(9pN@?I7pRaA+$
zI3{jq1h>`N&!$?7O;Jbe1X#hyI3{{JlFb;^_8H7J={7-6T$);yh*@AT3l7Cce9h+4
z3mpsZfLUn=kY~9tijTugwK}wJ$)ET4+9o=k7&H2QzM%ntz5tWB3%?A0e+h*kk5SYM
z&oAwKdQl?4yPc`!K5&Z0rvxq#1}5ZL`kHu6hiIEXqeHa-|Az!cBYZK(0={Hv8_EFw
z0;**O#sg+mwDa2LNWqWx%&UjNUj;Pz(aoh+a<@3G)=kvybk!{d;DZ5k`oOx4`O%pU
z#V0CEVaV&$*TVCeD$M4hYo%5Ifj1QkoJ0bi`+ETKN#J3AR&7F}cM1Bzh_OKa&I>+1
z?4q51cJRIkJP$r8jQ~M~2<#tSl|=yL-prZ{_ZAjD2wVUDVs6fCURPeMTC)uCsJ?z;
zow*invrT-6d$&;FJ)$>(wub|YY+$UbelFBqfakB0<ksiH;xw32e_-5E+tRj#F_lY`
zrx+iG58jYwLIgc<O}txBe?JU?Ucn%zWD@`<aa2%0@c$5iqqicU2q*%IfFhs>C<4&&
zwjkg*CYyjw@Bu-b&|mven&9ow*$u?9!+s7(GJ%pgs}TUd4Thi0!h1p;scoWdgOBy_
zfZNOKtIKtA3HZq}l3K<S1faCbJcOOmASVg}QVR@pPGU@aO*#S3)Yrja-y~??;bCPo
zX+=}p2->;=@(Aqo@e~>9=YBf~v_BK&hIoS4Z>Q)cUvIJGNc;L)G$8T55@3noT>)pX
zRX~98w0!L8bwxlCPy~PgLGLCJFmY?(O0`))pvdnTl5tB((e(;|WBfQU(e7vT2>McS
zPw+6C&EjMbC>R;g=pB#}fP3vwyi;_p;(G(%usC?0cU6BAP$dE7H+)Q|dEhBVHvj+t
M07*qoM6N<$f_d0`qW}N^

literal 0
HcmV?d00001

diff --git a/app/src/main/res/mipmap-xhdpi/ic_launcher.png b/app/src/main/res/mipmap-xhdpi/ic_launcher.png
new file mode 100644
index 0000000000000000000000000000000000000000..308150a824ec29bd80858acf4be03110cd637526
GIT binary patch
literal 1681
zcmb7_YdjMQ1ID+t7_pU++vrHiT%wjZ<dWNLZRAp>p<zSr9J!VdVu?ZyiDNk>N_Ln_
zlBSqT%*bIaG?PmmhISn6EIXaw`+GmVpWf&9d!GOI=lSsDopnVk%4^62002ddi=)SP
zlKwSB=6edt5-k7#83M-fv{w>u#V<S*aZcGLF`+n8JRUkOHpty@2dgO8VX4u(uPICG
zRC;6&cU@!T>I(}WgyI%vrh6t%UO-Zv7#pMK!M$K=??jkW*cF;_*!79fFdjKLAxQ9J
zvETheFPhCMA?B!5D55DsIJEq&D|N(rbLyv60R6x6I{lRGSYtdZOQgOq*uYs)j9PF@
zZyyCMj-LYVit9G|kTnhIk51^=`BeQ&o9**MIU`~)X0>_pck@_PyV#QUnLB*`$6C;8
zEOx4ZUr2bAlz(SrAj4a=_czsLX6bf_o{FvE<3)s@RS48(anJa-z6&8Elus{>JvDwl
zX!?c=KY6GaGmGAzfnFGV;xJ-1B&}(#n`x`Xtn1s%UHqVIsJ4zdo>NU!^0ybo#1k}B
z7hfGAtuRLO7cR9lkWek8#LnBMRLfHD&ej9cO|!JLJsGZn+r(wnFBM<OyvU6svzKMH
zc3a;l+Vh9nI;dzRx3Ulbt?qKGk_S~ebJAjo4YCpV!<jp*aC2Q9bHU>I@%$jFrrPI&
z_Qr5L=MjRh+XqYuxI7FcuZw1A1v$z2@#_;(V9Qt&@M5+158W>!E*Xh5L&C8ACg{{}
zkYqa`$kyiur_<WO-yMJ5ZI=<0YVz~%Q@H4SZq>25+DW4=uKdRa&>H+)w{~q!Q~*9>
zRlNS`vzMmizMy^WxhQbD&WtPysA;^Uwn=b)D}Q48U0-EyvSXq&{8nB+oMbpE2ogzY
zK4E%Vw!7X=<BOY`044!=XO`+Lf^R9g!t6to-}$RRUve{DL0p#U{gomIkqBQNXYBY>
z+fzW-o?IO);QzXEZ>cp+j)>(7@G~68a>!N`JyI9}1G<$i9s5{HMP|b#j8WgQXP&0e
zMX-;G6^tk_kg$)wH6qv>e9$J|$K=gN4L$BLD^*H#=KS@hg17Tr&J}Q-j=ELm5&bK3
zgwZ!Lq?i+=Gdk+Bdxd@+mJN|~5_#$myEiN8`_je31Z7{3L>lD^@USnKQ?@VLDV5p`
zMg&5m5N8FvwTc7p+Qk;$jQU3Glxhkn2Ok@*-(8!hV+liP^Myi+%rN4nalEGj>tyes
z>6e%rvF<cWcfUHeGU2Jl+P47~_#r&-%yz%~+FjiM6KJcSkNOLyCg;Hc3@zQ%;2{%N
zKH`!zp?L8O_eKXiWEtjts!zYI>}x{z`+7OF5mMM+Y}eheJ~d+cMY>(jD2VXPah_G1
zs8u13>l6ne2^U{yYcfh=eY{wJ$zsnKPTSMWDqTO3W+n`o$l9;V>^osV&+ey!fQ<A;
z_@6aox_tZH!0ZLDoxSt?tjhE$dH=!%vxW>fY1<?e=R5tnoXnMrsZ@k_O&T<kbm3=%
zL7`^DUx_R-s0^T&E=T%*klysL!f?Gh_yYD7MbA~i3RqIL<g$f(!q$u5?Z!;1r?F)^
ztV?<{5<vRBN^(hlsLHF9wPc!>q9_i1{jT_!u{#FOz|Rd%vGK38rK!EH{<KcFEBt_0
zj2=nwqW)exWNAFqZ?q~p(@AbXW%zdM80&CrX5q_4o4rU2=Tj@z5Tt?T34NzK2}2~U
zYgGi9F2}g2XM^hS6LzE9u=0f8?vJ%0Bdxz!k*Au`o-B{2qDUW9E17j5oJlMxOXuk^
z!_1GuR*nvowA=m(<~-YXh~Kz3YMd?DO3-mU%^{}PWLfhaa;bzrl#USYz1vnF6aT$5
zbTGF_;fc>4dR#PzhC{tyCON#ni|=J;KbGHSw<3itB}u0mEs|61%>^#j1E~$(qvI<a
z@I8(0dwG-8{Z^5_$C9IC@Q`yn54tBx&^~kIY&*8O1!hq%R3-&{Z-4*)tngS16gGcL
z-BOVJrVa}H{2(A2sm<x^bCVn$K=PkQcf5nJRNSO7D6{zUA8}l4onC$i`gr7evsr<K
zP>W}3CVKs$m_F26gjO<~GjQ&_t>~6lL49e?Dq1tlZaOpLFj1K^zp0}0Lr~kz)Ggx_
z8~d9&1z9az&9ouPgN=@m%dT?-m%(WoP<^%8s;xhcdleqe3k}ZlA^b<dnG#v50%QKO
TI@b34)c`O~u8z;_Ntyouvoj%?

literal 0
HcmV?d00001

diff --git a/app/src/main/res/mipmap-xxhdpi/ic_launcher.png b/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
new file mode 100644
index 0000000000000000000000000000000000000000..a0c0ccc022c1736806939a09460fef110c4b8628
GIT binary patch
literal 2835
zcmai0XHb)i68!>56{RCcuuugeQlk*12t;&fQUwx3<kF;s8iGOsB8h<1s0aikD2Nnk
zLAo>%q)G`zKq4VDDT#<wudmFz@BMglcec#V?Cg)-vvZbUX%6S-mE;8gfZz0r(e>Xk
z`5(s3`P(y0Xm0_4cf!=jzy>|>EjuE?*%sW{Ut5{9T5-qSXRwHyO)Z~t+Q#Nq)faXl
zBY|IEj<&WzwezBE%+Q{k<ml&<5q;T<*M0ej#n@Na`}jOh`$S#`84Aww^1b_x-YBnY
zVIHe)qu{9K2oF@9?o{noUnrxeZ!2?8eSAD4!lQ3ZqnV|fv|DeeFTi2&Us@gG3`f$H
zH&P4eoA0AW8>+jjJK{-VGY6fc*1BIB<zHtZNE_*vx7`DK_~dk1V%B=f>|d2Ojz!s3
z<VatS7jKE-#OK~v9jCd6CiurczoV^ewwHxVeKN!dUJNqlc+?<9(vatMmkZ&kNpq85
zL`7NM@W}ij(U^$1#<QvymvWsjBf`9>&>F<qbz<o*c)u>^_4x%-O3KJ%D`1>C^nIL7
zy+3U3(E3v^D?E0C*pL!Q|0So;NTU~T9UlrA2m7yAkC_q<WXJEtLASQvxp8(MUvV_F
z@`OLlpSV@eGsOWnT(a{one%|dI(1Hv)We?^&k<eiUE@(#ZS=IArmIxziz^GoAx8qi
z{wnh&qNG&nHl+bq_YQJ9%nYit3SHF739jBO{nGacT6?^X%OsAg?qj9wH{l6K)3tqj
zIlap5to76u$!2m*{|L=vRuxH5K-BN%FZ~L#2_%L*Dx-@RI@M-o?Z71uPH=;z_{-cR
z4AibBujXy(=_44uk>-&D)NBQN29mf?SsJ*~D5nr44;yAHl00h>Xf&He&R6#k)b#1v
zXf9yznc@hpAaKM{gIxqkMdi-Y;#T@5DFAb-`(qQ1&?Y8mF<{k%@?UU({77X#@m!IW
zbAfYy%w+x3HYJFo7*>;64@18+)(mCvC<KUi2#2ybdsirl^-%QtfY=N0J`B`2J5G7Z
zW?UdM*YmqbSjn;0Or4!PK|#4nmm_ITLGLbf7dnOT<d?i~o)1R%oZPU?kkY)Ku?RWt
zmj=V|NrjJVjMF91WrSN?mZdDg!0s7GAZsx+nWfoB{n91h^3|*MffTCn&@7=&69U5o
zzbPSKSa)9A_@p1-YMp)4`cs)8VP20ZA_l;$StfGPieWd~KAlDXJpT~-a04T%wKEot
zV=P>`?MB%-|L_Ut-tD&U0l&=L&$u4Iod)wtPehE%-Yse98wL|0B>@(RLb_jdqLC3t
zEtHs{)YQ}*vdb1Jd?odvl$rCSqwVl$cR)GO1fe#wTaj7W7t_f=KgcjqnMwMl50Nf4
zzq-ADmu}*Y+eEju4X#p_?!Hu?dZXPFLIX2ykdDPN7+0Dgs%8T}4RYtSG)_MqLh<ge
zZExc*HOZ)Et67t3?96=kl1BEuP|7epu8FM=73SVO9%*u9riK=%B9mJn<Qnp`UvWjA
z-mC*78f!vMdhBv-#Rw94>7L9D_l31yICEw47VCR<T$ZrhbWDE7Wp~+O{)9U15D1Dm
z_C)<?xXJ*N+^|1v%UqrtZeyKi<5TpKemS>o7<SQE8p3=vx~OS<ie1&p8;lK{&9acu
z<%$U~8g6iH5GOU4udQEBPR2~bSCClY2d2GzHl43>Pi^PVddGx{Xou`_(Q!3cd_G`o
z>LDREAFSK$K*N_Y*Y%+mFF_=Gkj~2MK59(DQzg1a!8Qg|Lg{Z=(eBTWNqD=A)Z8;U
z&}j2xmr$cCh09<wTxCwm9IWqm0)IRJvq_+ysHUTN-}QWmd0)%Tv49uHAwilN;$8|;
z%f7kn04Vn>$!PL4L#dp{&fW3wMrjX)4Hrg7jU$jm`Fea}%~P?ap`oOluFnslU!Mfe
zmo&-fNl~h0ROcyvT_0mxA^8&+1-Ul8but2N@RppMa3Ed4%`(cJ6NPi`Vtg8NKwo!s
z-YAi^&rlVmy1$?&Fsjwx_F--pNBUfyl+{cImr-XUN7ThtAGqM5<;ojt7~R#@#I@zR
z$D<3alzL~x;U7_z9sbuYXJ`~no+*lv^=B?qFG;ehj%i+!G?ts1QxI~l(dx>i7euMa
z4sNC`1dy9jT?mc#Fw7K&EMukS(KuBi9`21Ko}t=M#W?ggLA310A}zwU2r~7_+be}B
zlefv&9u4`n1Z;Z~oT)w_OBfa%VCdTju{Ge5i)8q%L?(s@L1Pft7TPXm*G1c#BiXPt
zP`k#b;mzjs&^Wij_H9{dL+$I{9aQFP>*u0C?~wtH#DL><S5lcaEcsu7qq>sbCn0`0
zk}uhEbp#ca+_H8IL06laxv>++PWC^xhuVzs0-%!s2Nn<j*z^Hz0Q9#>^xv2K|4z}>
z{QAx}H9|WECVoHw5#ijzvsE+tT5nY)xCHF;!+gt|aTPu}&ve9qB5Ru82c7yr-3^;g
zUa9a56d?MWH+CHNbbP;xR96cD9qjnm#h-%u^Na94@$7qU&?C9O*+@CIOqjYFMEp52
z+q-`eP?Xkpb@Hjz7S(tB-0L14OQ21PS*q{F-*;Jh$07Fx4(0+zAez#TZ7ChXJmmgJ
zo%gk^w~03MDofo5LN!(}cx3492{R+W@*cL;S<$~F_t(A_lBRNm(=qaH{(F9>1R*Ns
z?1c=CGeQ^7O&0dp-x3cAf3n_t;}0WsK!h(>;56pZ#LnQ2X<gH`DFeiG+)qEYJX?`z
zQ<JXvpMQ9Xc!$*vg53|yUFJ_&bou-o<s5hWTnPd?xbPj@G9V@hGj%V^nKczr*qBqW
zwTE9zY%vWRZQpfk7mVxK(8cV2=AU9WZuHz}TB+!(s}%vRatx%Of5!5BI{9o()lRvt
zCKj;N!Tx)t-k0<#=pzHefM;VhTX4Go|3(eySqAGoeHQ08AgI80fjME~=TRllYfC$u
zEEwj)&A)|kY5)R|-<s~uq=;h^j0jbG4Krg0d9k<BhF|zYYL<*{rll>0AR{ifufw{w
zt{md`8XYmQb0Yfkxy?Q^k7yB2zUXid>ZAAqUC)(hNU@AreU1;lFU_Y_lH%E68d3GJ
z%#tb@|1hl+mIQgfxM5t8GoVjfQmHGcMbJ;oOiVJAmZdD5)-wHw9qpagNr8%91xA}R
z$IeSju=Ji!c+Y&?;BevVIign5ngfH?>QRfJzIk?L+MNM^J?JIV=7+==he;!I6YOfO
z;dT4}<gvs5g81*5fKL7e_h>+X<3BfG0C4|>;FB5vGh}CZ)Y)lIBS6O-*Lm1_!NKW{
zACRjDmRMOX36m}@zYOrdP%T$JupAp6I+`S*Xz@|Y3pyh#G86BF?XqPSah9H&5-Mot
zALcj|1NNUkd%9Ot!1=K9YWUt=hPr)xBVo4OIHfP>6wJNwr_zHr4<lMne-;s4Eh`l|
z&VV&R{I5uTt9nZv<9%f*%ZbZ+A(Y;@|DsIS!W=^yT+xRbrzi55xFpde%ftp3&Rwwo
z==1@_<$)>^7h^+EtE&VZ7Gcos%Ir=tIqB*bI1%r_FuQIKb3Oyw#K_<w!e=_nEQ%o?
zI2s;gb@?2u-*W!&ObRq&aPwB|)ta|y(%`0PzA3T)`5_H_OMZb~A#QSne2_)~zs1zp
K+^E#>X7ry##5D#0

literal 0
HcmV?d00001

diff --git a/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png b/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
new file mode 100644
index 0000000000000000000000000000000000000000..20666bfa491ef7e3c14c8daabf7d8e8de94622a0
GIT binary patch
literal 4138
zcmbVPX*kqh`~TXq&7k<T$X=Gn9!7R!$uf2-BYT!)31P}I6j@5eSjS*YmWT+6Mus7V
z5LvQsqakbdeV*yv^MCPN*YEn@*ZG`tUflONFYeDd_vcQqFf#<R@v;E`05-azXGL2H
zf5CE!Hd~F~X9fVyKSp{wHesVH7}i&Owinu`mU1UxAA}R4fzxvIfzotL()B2ttJ)lN
zST2+llR$oY{JD(wTS6&p=v5U(^c_}LB+x0WTf?Y2Zo$TC(+aRlU|F7CmEWxzS#c9n
zi*z#g|8QBcT1~MLy*f#4`dv10-{VmOC8BBfOK5~S3rmd9{}}n19rwI57bG4$b4yf8
zPSIL6HLFM(Q~Z@`<Xu?f<_pCe^)^VLhhA!vpt*tGE08W8YBlV&_)_q<hKRYH=Wxo4
z3noY{ZQwr6bGa6#${@;#2<&d<p`YH5aSP*8#}^`&Ga(wd)Rf|b-gI%6A+-yt{4}56
zH<TB74#G3|h_1{tLj?JG?+1u4tKSwhu8QVPd*bYz(dDgfJL3l$mK)!b&m$&LjH)ME
z2dX3-eD!6d)HE?dqj_Sk4!F2n6QW?uH>zYRH@}!JJY*&Q8j6+SxF|w34f?%<r66L7
zYV@Bo>|?GO^GXUxe&g3j&YAaX!gXN3Tid~jPbIWc%gMG8RazRoYPX^Ox<=48V!peT
z)u(_sq6_^qUE|=fBD{!E)XUjTa{p+b!{KA;Y+=4fAM?u5T2*wSU@#Y3!qCbkv7)dk
z(f};kb-8!OtceoV4in|jUeskMZ6DAyiio~@@@hu8RQ3Jhf>(c;x8>+qu{WQ=NZqix
z>#GLzHn9PAyl#~aTVhr%_4EH+AK5!UAW!ijOWlv&+YT{Md#ydWpw<LCMlV@>_%6g>
zVkG`-UtTq8h%?raR9JI~Ib87N<=54o)(7GaqP<0XhhtkOPN^EJ>nzq-#q6b<Qfsa}
z#qV*$U$mRFO!B5ocmG5*3^6%E+=f=r{#iC!-y`-?9YcMaWH_UXmUeYXx=%QtlzbFx
zNBjsa;5)8JY^*4&t*R2o!D>wrRc`TWEa|aZ2lL9qUt$rllYtysEY&1sxH`1F)#?Lt
zy>eaJ4&sZUpJ)hph8%pa+3o;$dje#kS#W&bD^yn-^YzPVVL$LEkKKEZ*nIGEZ79W(
zBFvgJF5k@KMY3bU{6f&@#t|QA$-92e?p=oHlctHh-UZQsyhTggSKKvhVp{itU~zWv
z%#OW7g5h|L`b#)N;Fr4k5PpMVS$^dUvkW1RR79I}Eg~sU6M_DXVAN$B6R7|LCno~C
zH>gS!WaiY;uy~@p-=tWx`$vHVC1R5n)(9HhqXdEkT#IG>V!unz#~Q{{v56QbZ}ESw
z=eS0YbE2NrZ-Gooo<z<V1RY7BB(D+HJ*^IKS}Nx}qJ0FKSxtNh*s<#R=ON*IDu>$9
z;E2vevK;%z_9J<PDAiVl+<`gEt0?7~JL8sb?5TEvDcvVO5t?5;xLG(U9zNEV8x}51
zC0AB2x34AE&#ifZ*`ysFf7JKaWky^M4YnR-B_GN9<t_7i7qv>lNm85o9;w*#Nf|0Z
zD~3ul1*aGHj>Y>>3pM>4_>e7j1B-6|d+mqpKQ`q2QC?-3lnhP}EI-emY^{v`<ic#K
zKIBB^V?T_P6edWgE?V@#bme^Men!iPNgboQcY3>n&QUA-SjT=|436_t<?0<X*3{Mo
zi||&X3O?&`O34P=vQt`Xr$3SB>bF$)#uG@C`HQaVsQ@_lAu-5RDEA-~gpe*)ee1e|
zibh~U@7|8vS!}6%dn9n|dmAhV9x=9PD4yy+#*lW6dyhnO2SZ97KEQ?>GJ=X)o`}fE
z4)-SG^U_9B1Pb|UgA7M|yxOe|8!lbrh8O+R?nMxL_;2~gjqxb@{7g`0$IP-Mh3Z<u
zcC6BpMjusQLFiXy_4hEPE|q9KfP2k`SgU*24Vp`i?iwvITS96IIxoyge|!sjBCc-{
z>zlOkl{cOJU2jhxr|j?ti|(bT?%1)3{h_a4t&Rmv5D8IbjVE~!D3iLRYv)}FkDIgQ
zye)|p4)%vOMgU5^jgz|tAT$;NKd<|IyH)n;Zo%)ipsjaWv4;9GJLjTGA{-nd8@-kk
z{EcI#8#MGHkd*O}HbY+shHVX8@gUOqAz!a)yypTDZEv+PfNV*<>t`HUPtE)^%&I(p
zmr>g@UaXR@A<v`BYwreitpz5&gQHS|xQJz2m`Or}VA!o|*S~Bs<eaxR((=d3O<(o*
z>f=%wQ&Xsjy+>r<h6|A09e7S)^R~IcYgEwsf$Vl+Y_#rGfr6S+zHN!m%{k|uS7l)@
zQmN~Dw_ND&L#JE>qkoC$ItkGOnXYHkuYpDs68>4Q<m$@XTa2mZxMOhrH#M9+_w3N9
z6UqOnx?V!V_QorpaSpEMhAU1##}2jcTV*{}0x7hO;otEIoKx6`^Qle0fohT)NVXf{
zVGbQOH$WGgdE)wNZg+^CR!}X%lhh`8dQ|xodre+BNV!)xIU1-yD3!4~kRTybAo$v%
z-Hgpy2xT4kP8<`PLAbC+L9o7`Hh0>=$g6bgm%<!x0TvtYgfkDGrDbvEpRM~R_gp%w
zoORFnUy2RRMPZq{yoAFR04dBPMu^jBUTu*O5E3xC9q0ALn&WdV1Faqd`Er2Jdr_9$
zIB?!+p!&6ngwP*4KRl|wS5o8q3v(aJH>S!NMaS@4M#kF@H^r5=WZfdE@uA^nP3=ov
z6Q~=T3h;KG-O74n_dSB={pKVic1+5-KQprt^GjK0Hu?3X>-sg-K6v=18j&u57G|Pa
zSkVhfl}Ft6kB+4y#*U)K1_ml-xi3znx3<&RH8%qp=p_2!c?t#|3CYa0)cb50OLj#e
z(5MiUkAI$OTtLb5;WJ$2^{5bXJfvBn{Yoe7&pFS^_A`j;<XNU3qIICiyI1cw-&eZS
z-Yz@<9GN`h)i7)!ls+G)xlLAAOg6^c11tM$Ub2Tg%RA@m7-jWNlptXNF^I+wO_-Wi
znf`H5qEz%94uy#iwmv9)i>a7O5~xhS#@~nssrW1~(<1}u32@QHwYT<G9jPzhJ?!83
z_VdNYcVZUZ^6*`j)e!`n0PvInFd>=XHSd6{Hyk4`>HmZ2=X_y4-kXqZ`X>*$^QHoO
zLO2I#e*&h><kPx0qpwz5wDc4u78gGE*u#-+x19a7ox+FASgWZHbimJJ;8T&hO2=~q
z<BuQvkT<U1tc%lrgffQ{HWg__n-SpR0PxmfrdgoM6gOb9Yf9BGc#F;}&&K@0;Ve=S
zCEZ1P*r$LQ0O^UiBbv>ispVUZPNC=t0tK1g91xZ6!;zXuMu3GGP+!z9KZ4T98clt>
zh@mlqMFYr5$58p#x9R>8<zE{IE6o)|!+9FyXmF;1Km+pcIe$s_R|x+99caP-*5cIw
z<0F0mMNi;bqet%1S0;4+w4CKQfO7!LAVLi3;YZ<I@Lm_S4sEu~47AV@8uqy_I*5WK
zDff}XQwy1akGAM&+RR36TyQ;u>i&{f>2G$C95Qn#d~%DBTBTiX!6}Y%Jw9^whQcEW
zl~=OuT*-yx?V~~lWB@?;0AA6Pe8w5mplO@U`AaPX_2A7Qt_HV&on(_ZS*xLyv*Y)i
zK!_Gl1{WK&W?#Rdoi;9Zlf<s)&?+y|7Bt*P9GujXe6Z9r%nW=M1m5$Zb}mRJ4Juuy
zDj(DnEFV5jf{^a{WKL(g=2}M>CK#R<klkqmXg5#a3|4u??O(o;-8dPK?KkTbPqk`=
zjo2M)7mXF;3uNP#Z7W<7Bjf=gJ|OIgz^^^a0plq<+dT7x-Eow<VXN&jKBOU1_V@HS
ztm?>qs*0J9qk3UmebuSd4ghB8kb@ebTM$FiMP?1ETfD%*zN-ul^D`^QL43BNV(6>E
zZ*opIG0Xi<p}}Ja8OuA<|5wX)#@z&jY=E$|3H%jSzpA%(H*H4BrGhYZ_pKdQK3>)o
zGsq6RI;F&Iy~mz^((K<MkgwTtY-b-?>-kYRjlZceB3s#+N)J5cK%U^BBO?dG>ZQ;%
z`M2Rw<{`4RT*IR@IqqpUp}DVvl4k@&SOG>FN&Xu=l_he1tYOmE@8`GOi@U`F=!)DV
zZ8F^UWGr(Z+Of=CkJ*iNNr=S?ev@LE$s~HHwxf)~9OKh(L5gmH+WEv3Tho{Mj-A6C
zGq1N8JL<;%05kKSg>!WcX1`u#t`XZQ{<QU0N2c<LZIkVTwAA!s;+(E3?;F_M^V0zX
z!o2%4Kb=TUWW$!k?v6O!>iOXk(S@hPQ+_gZ0fMrg&oW}`q2rpcIevW`XMch>!_t-q
z`_iFXN}<c;67h0=7}KyW)2Eb3`v9`!$9!Jb)WX)y^eeKzwvX3K<F90y8c(8hYKN6h
zWNO-Y1RAZrI^u@kvDRFI)r#NQ#L#KhWi|>xKH*6nTvYz)ASbcM9k#Q|lQr%WvG!W0
zHW^_D>A$Mn94`H_R7r#6qwd1DpkZ!i`CXErs!3&X;XEyV-oD0dq0#>oh`?3~GP`m(
zQq6t136c#BmLE`Usd=puT->^%L+^aSwLCS&>D`ti<d8{qxs2|aQddy<sHKEA3!u#f
zAcX)x2LNLJZ(ja8NB?%uqXVG4I2eEs`0-_WXKzA+@3{xRxlz|_Y`Q2gqX0JTo+lSF
ze`L*SnDy8$Hm(cLFwSw)(SJ7?ehgX!V?S)Xg#TvaLbf@eZ$1)?g=&#uIvypsJjMDn
z=oP4F?Ze5;DjVxlS+9M?Jd4VHIZ6ayPn(?Lwz#+1o%0XJ$Yg%>oWJP%KpUVOd8Q1~
z=2E-crxCOTDXkX-v$PtfUuu@VcK)_6n7iaF{#lMc94y>!$L13GMMkv>t9-uEW=+aR
zW3bK4M;zyl)saFEaR!2_N{lI#%DZ+qecas2cbhL%+_83C5FIJ+*}r)vzPPr|{D(!U
zg??w&s60n8`}?EIX`h$tw;!K+C>XoXx({nuZ7{Z~`>`}UT9gx=^0aj5ce>Fw*|bRn
zZl!!#q4jLyKJ`}-c^-P&C&=WLZy%baW9oKMD5Fh<X?atOd7wMeaucdlrl?vkgYM(R
z+3($}m>{uc9GEq|I62NK)I*n%naqm(0wd%3lPSzO&vVRNx;c*!G2r7I>dUP<Co4R)
m{$8A;@c-zkX}xwqDU|`;=CqovS9a&`*KMS4rdOfs9P=NdT5|CK

literal 0
HcmV?d00001

diff --git a/res/values/strings.xml b/app/src/main/res/values/strings.xml
similarity index 100%
rename from res/values/strings.xml
rename to app/src/main/res/values/strings.xml
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..88d246d
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,15 @@
+// Top-level build file where you can add configuration options common to all sub-projects/modules.
+buildscript {
+    repositories {
+        jcenter()
+    }
+    dependencies {
+        classpath 'com.android.tools.build:gradle:1.2.3'
+    }
+}
+
+allprojects {
+    repositories {
+        jcenter()
+    }
+}
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 0000000000000000000000000000000000000000..8c0fb64a8698b08ecc4158d828ca593c4928e9dd
GIT binary patch
literal 49896
zcmagFb986H(k`5d^NVfUwr$(C?M#x1ZQHiZiEVpg+jrjgoQrerx!>1o_ul)D>ebz~
zs=Mmxr&>W81QY-S1PKWQ%N-;H^tS;2*XwVA`dej1RRn1z<;3VgfE4~kaG`A%QSPsR
z#ovnZe+tS9%1MfeDyz`RirvdjPRK~p(#^q2(^5@O&NM19EHdvN-A&StN>0g6QA^VN
z0Gx%Gq#PD$QMRFzmK+utjS^Y1F0e8&u&^=w5K<;4Rz|i3A=o|IKLY+g`iK6vfr9?+
z-`>gmU&i?FGSL5&F?TXFu`&Js6h;15QFkXp2M1H9|Eq~bpov-GU(uz%mH0n55wUl-
zv#~ccAz`F5wlQ>e_KlJS3@{)B?^v*EQM=IxLa&76^y51a((wq|2-`qON>+4dLc{Oo
z51}}o^Zen(oAjxDK7b++9_Yg`67p$bPo3~BCpGM7uAWmvIhWc5Gi+gQZ|Pw<qsXkJ
z#UKj`c8#DW2he(+i|9&^{QOxN1tjFeAl4C$wk<6$!Hu;tK;hS+!ekG5&mZT4iNNbq
ziXSvf1S2Gd0gfLUJqYVci|hMuS_X7Y`=kA}2Zz5Z7Ww~~qq3*7i>a-Gll@<1xmcPy
z|NZmu6m)g5Ftu~BG&Xdxclw7Cij{xbBMBn-LMII#Slp`AElb&2^Hw+w>(3crLH!;I
zN+Vk$D+wP1#^!MDCiad@vM>H#6+`Ct#~<f_R)I<|+W)L)=C<FS+*s?z=kN7{Q21?(
zY>6VHL4lzmy;l<MYEx8~KG5K1pT0U^i|oh&-U7R6D8Y9REPu%~l)e8$xB#sMbWmvv
zdgy#xQFxTSYfpKoCRFwc-{JK1lOs(5m)=NY2VX=A=W?u$y68?sWcxO6T^SdVqIOJ`
z0<%h8kicZ>Sdk>`z6)=>Wh15Q2)dQtGqvn0vJU@+(B5{MUc*qs4!T+V=q=wy)<6$~
z!G>e_4dN@lGeF_$q9`Ju6Ncb*x?O7=l{anm7Eahuj_6lA{*#Gv*TaJclevPVbbVYu
z(NY?5q+xxbO6%g1xF0r@<!(+el1|4j{yt1~Vs7wpw5x-FtDD(A;*hOxY&zkq)^SRM
z$4w{(lTeXd2wV5XP{QhK%SGG1x}!yMrKE>Ix8fJ~u)VRUp`S%&rN$&e!Od`~s+64J
z5*)*WSi*i{k%JjMSIN#X;jC{HG$-^iX+5f5BGOIHWAl*%15Z#!xntpk($-EGKCzKa
zT7{siZ9;4TICsWQ$pu&wKZQTCvpI$Xvzwxoi+XkkpeE&&kFb!B?h2hi%^YlXt|-@5
zHJ~%AN!g_^tmn1?HSm^|gCE#!GRtK2(L{9pL#hp<C4N8t_wMpvEBE+9!@1(Gy>0xh
zME}|DB>(5)`iE7CM)&_+S}-Bslc#@B5W4_+k4Cp$l>iVyg$KP>CN?SVGZ(&02>iZK
zB<^HP$g$Lq*L$BWd?2(F?-MUbNWTJVQdW7$#8a|k_30#vHAD1Z{c#p;bETk0VnU5A
zBgLe2HFJ3032$G<`m*OB!KM$*sdM20jm)It5OSru@tXpK5LT>#8)N!*skNu1$TpIw
zufjjdp#lyH5bZ%|Iuo|iu9vG1HrIVWLH>278xo>aVBkPN3V$~!=KnlXQ4eDqS7%E%
zQ!z^$Q$b^6Q)g#cLpwur(|<0gWHo6A6jc;n`t(V9T;LzTAU{I<nV^EgiGUNsLgEDs
zkVZoVfS|G^$t~wk@w~l|_P;}a-gefH^GX*>Au*uEQ%Ort1k+Kn+f_N`9|bxYC+~Z1
zCC1UCWv*Orx$_@ydv9mIe(liLfOr7mhbV@tKw{6)q^1DH1nmvZ0cj215R<~&I<4S|
zgnr;9Cdjqpz#o8i0CQjtl`}{c*P)aSdH|abxGdrR)-3z+02-eX(k*B)Uqv6~^nh**
z<b`p}fZ<O_Dm=_!2o?vmD;ZE+PCPca6)ju-xpg^$g`Ft}nN&PoK4`V6F!klpX?$+>
zGh0A%o~bd$iYvP!egRY{hObDIvy_vXAOkeTgl5o!33m!l4VLm@<-FwT0+k|yl~vUh
z@RFcL4=b(QQQmwQ;>FS_e96dyIU`jmR%&&Amxcb8^&?wvpK{_V_IbmqHh);$hBa~S
z;^ph!k~noKv{`Ix7Hi&;Hq%y3wpqUsYO%HhI3Oe~HPmjnSTEasoU;Q_UfYbzd?Vv@
zD6ztDG|W|%xq)xqSx%bU1<hc*Wnq_LM0m(V<5VyJAiq#_@ZfKikrD4o%n&WO4q2ej
zIfyxDg(==DqbX`j=AvfHCX(KgVHyVe4WdRsQSTv_vR<)f4eJ?vBVt|h*)r9hD0!qP
zADW&jInS-o>f>fF#;p9g=Hnjph>Pp$ZHaHS@-DkHw#H&vb1gARf4A*zm3Z75QQ6l(
z=-MPMjish$J$0I49EEg^Ykw8IqSY`XkCP&TC?!7zmO`ILgJ9R{<i@p=4;z_i+sUG)
z0H)plxmrLFLJK@TX@g=ScvqG2p7(U*Qm9_23pWT5bI8fwu`7Z=jgk^X%~85x$${F{
z1e@9O3|NYMRL<+eQ@jDzgV`koqd!0ed!NJT0|TqwXI0vhyJ*Rx)W2jQ1dHJAQpah2
zD?l1K_i<FzR$c(nvUd?#!ZnJ1(sXmlXjQ!S6vd@pAGv|b=-w0bWA<-F>56s-ZY$f>
zU9GwXt`(^0LGOD9@WoNFK0owGKDC1)QACY_r#@IuE2<`tep4B#I^(PRQ_-Fw(5nws
zpkX=rVeVXzR;+%UzoNa;jjx<&<VYAS1p4G0Nz6N1)Ty^N(!C@$Hdx_Lajhe)Wta9`
zC^Xt(bd*jqqL^Wgm6LZlQYCis?7O<F8tCG9vmC{=JVts=z_(%waDz*rELTuiTWE!V
z#^5HTs}5ycsg)}Q+MkSRiA~SNR7?Yz9|<*IWeIh!5*YBnkr~@jmy$nc3@;cAw3t~~
zrO2txz)VL~#h-@P+icqy)Lh-{+Fyx%rGW&886dL>@ABmU5X926KsQsz40o*{@47S2
z)p9z@lt=9?A2~!G*QqJWYT5z^CTeckRwhSWiC3h8PQ0M9R}_#QC+lz>`?kgy2DZio
zz&2Oz<i!GDlpRuj0;341$n>o=yTXVf-?&E;_t`qY<To&+GNQx^TbA!#Vo1eA2Fa5|
z)EJG?^-6#e_uJ2n3b*&ZIiu((@V|j}k}0gKDz~`cOd$1y*~6HI7eLCUcCNSnjGFZj
z9U2KH3r4RoIx5~ko|m5j9q+sY8dqa%aN!JDGDW-!x0pgnYfjv#$rmC(j6gWzS|Ma?
z=YzVI^Orbj6!9?3zA+iVzuggd9f1`6(9ic#5{rEqsW)U&<QWvbC9!^>{Oy>?+7+I=
zWl!tZM_YCLmGXY1nKbIHc;*Mag{Nzx-<P4@aJOV*2fLzG!@ZWhwOPCxitK@~wHm-D
z1#!#3v^uQVn`zvEhkgS|%+BD3r0=A*BS75q`-e~Huc)1f+*vVD$&Z0fea~m?>#yA{
zTATrWj;Nn;NWm6_1#0zy9SQiQV=38f(`DRgD|RxwggL(!^`}lcDTuL4RtLB2F5)lt
z=mNMJN|1gcui=?#{NfL{r^nQY+_|N|6Gp5L^vRgt5&tZjSRIk{_*y<3^NrX6PTkze
zD|*8!08ZVN)-72TA4Wo3B=+Rg1s<WiEcjrtmrFP?-xL`yZw%T20ll1iC&(Z%Bcm6_
z`-1;huVP#q&|&a5ZbSI%S!n;WS5f~*SSxIAXJ%>c>SX9*X>a!rR~ntLVYeWF5MrLl
zA&1L8oli@9ERY|geFokJq^O$2hEpV<D5M>pIW8G>PPH0;=|7|#AQChL2Hz)4XtpAk
zNrN2@Ju^8y&42HCvGddK3)r8FM?oM!3oeQ??bjoYjl$2^3|T7~s}_^835Q(&b>~3}
z2kybqM_%CIKk1KSOuXDo@Y=OG2o!SL{Eb4H0-QCc+BwE8x6{rq9j$6EQUYK5a7JL!
z`#NqLkDC^u0$R1Wh@%&;yj?39HRipTeiy6#+?5OF%pWyN{0+dVIf*7@T&}{v%_aC8
zCCD1xJ+^*uRsDT%lLxEUuiFqSnBZu`0yI<gg`ef@G-s?|xXp3&RHqB9NzDVz5&E`<
zn|5Bf$qFi6W#8J=R=C#@*NEn*RlfXsRY-Dp`<X>FSv*ajhO^DNoi35o1**16bg1JB
z{jl8@msjlA<e`^h=Z8oA=OKW51p)^CZPw4ld;k`T3Wbt#0U111K=bzp3&)WWGDJ3W
zC$=E!w=~$d0hCe`rWhqxnkVh;@K9>n3`qW{1^SIklxN^q#w|#gqFgkAZ4xtaoJN*u
z{YUf|`W)RJfq)@6F&LfUxoMQz%@3SuEJHU;-YXb7a$%W=2RWu5;j44cMjC0oYy|1!
zed@H>VQ!7=f~DVYkWT0nfQfAp*<@FZh{^;wmhr|K(D)i?fq9<M3WP)O7zF<!PXt`n
zW=w*IU$gzHgkeL!Y#;^g!Uak2OrTjGF$uJQowOknjs)=lf@;GAns|qZR(LZ&lw<_%
zK?F?j4YZ)`)Zp=+aiwKz**}z|1eVjpzM=osRDTkdRQ>r2FEIatP=^0(s{f8GBn<8T
zVz_@sKhbLE&d91L-?o`13zv6PNeK}O5dv>f{-`!ms#4U+JtPV=fgQ5;iNPl9Hf&9(
zsJSm<p93&4gDZYcC2+<7H?f{~@$%kIC|f;(sfSJPne&``?&F-b-tX6YdZ5tT#t^rt
zG7n*4Trrlc-(?Z(tS_YZQQ)Y?cMNpy$W&yiGUXo9gJe;lj%qcGlGBn-dcR^$3Fs_5
zu$kvCjEJ}Ui^X()cP4a^({s}oUt2RUP)q6z;smMW*oy#5qLxHZ1AswFOgnx7&IWN8
z06xM`SqgQglTAY+biCAA&cAIUvPu}a?TSiZN0N?-7LLiLssgVVHzY-nVi;4A;=x8n
zO@ffaX-#$GbDV7Obd*ixvC)R*RQjKS9H@%{Paz{U7%S0Xmf~WQNnvg%F`O$hqQ9eI
zE(1$YopB9|P=m%@#H(edX~W7&80!AGzMdT380nbkEVNKm_EM#o(B-h0YJ@{h$xsW%
zXRvL0C~=%mcW2_pBSd!XAdg|dkjG0yPtZOyae9jm>5iXIqN7|;I5M08MjUJ{J2@M3
zYN9ft?xIjx&{$K_>S%;Wfwf9N>#|ArVF^shFb9vS)v9Gm00m_%^wcLxe;gIx$7^xR
zz$-JDB|>2tnGG@Rrt@R>O40AreXSU|kB3Bm)NILHl<Qem81qAZwnTf&VXu)~D><r)
z18g#In{Sk6?}F44@Mv+_n7C>rcQ&jak^+~b`)2;otjI(n8A_X~kvp4N$+4|{8IIIv
zw*(i}tt+)Kife9&xo-TyoPffGYe;D0a%!Uk(Nd^m?SvaF-gdAz4~-DTm3|Qzf%Pfd
zC&tA;D2b4F@d23KV)Csxg6fyOD2>pLy#n+rU&KaQU*txfUj&D3aryVj!Lnz*;xHvl
zzo}=X>kl0mBeSRXoZ^SeF94hlCU*cg+b}8p#>JZvWj8gh#66A0ODJ`AX>rubFqbBw
z-WR3Z5`33S;7D5J8nq%Z^JqvZj^l)wZUX#7^q&*R+XVPln{wtnJ~;_WQzO{BIFV55
zLRuAKXu+A|7*2L*<_P${>0V<tRuzAkdWzz+5h7jo8oP>dVjlC|n^@lRi}r?wnzQQm
z3&h~C3!4C`w<92{?Dpea@5nLP2RJrxvCCBh%Tjobl2FupWZfayq_U$Q@L%$uEB6#X
zrm_1TZA8FEtkd`tg)a_jaqnv3BC_O*AUq-*RNLOT)$>2D!r>FZdH&$x5G_FiAPaw4
zgK*7>(qd6R?+M3s@h>Z|H%7eGPxJWn_U$w`fb(Mp+_IK2Kj37YT#Xe5e6KS-_~mW}
z`NXEovDJh7n!#q4b+=ne<7uB7Y2(TAR<3@PS&o3P$h#cZ-xF$~JiH6_gsv9v(#ehK
zhSB_#AI%lF#+!MB5DMUN+Zhf}=t~{B|Fn{rGM?dOaSvX!D{oGXfS*%~g`W84JJAy4
zMdS?9Bb$vx?`91$J`pD-MGCTHNxU+SxLg&QY+*b_pk0R=A`F}jw$pN*BNM8`6Y=cm
zgRh#vab$N$0=XjH6vMyTHQg*+1~gwOO9yhnzZx#e!1H#|Mr<`jJGetsM;$TnciSPJ
z5I-R0)$)0r8ABy-2<wkPatn?)b`7wG?VPZW69wN;gF6Hcw@+SI3wBBUtVM;^nDxr;
zOw@}HZR0+=4Eg>y&`2$33xx#%1mp+@1Vr|q_e=#t7YjjWXH#3F|Fu&ltG#+-tE2K7
zOJkYxNa74@UT_K4CyJ%mR9Yfa$l=z}lB(6)tZ1Ksp2bv$^OUn3Oed@=Q0M}imYTwX
zQoO^_H7SKzf_#kPgKcs%r<l0PY{=(svpsKlZ?_+BrT_ds-sT3H-qlBnDQJT*ucs0m
zbPX4qaZuhbp%FSZ{Y7p~l#@)5KT1s&TSZ}Wg$qSwcXKCew=8NS!4W1e{Q|?!9eG^v
zQWZ8M>4BFUyAK9MzfYReHCd=l)YJEgPKq-^z3C%4lq%{&8c{2CGQ3jo!iD|wSEhZ#
zjJoH87Rt{4*M_1GdBnBU3trC*hn@KCFABd=Zu`hK;@!TW`hp~;4Aac@24m|GI)Ula
z4y%}ClnEu;AL4XVQ6^*!()W#P>BYC@K5mw7c4X|Hk^(mS9ZtfMsVLoPIiwI?w_X0-
z#vyiV5q9(xq~fS`_FiUZw->8Awktga<tS2TUBwv(V(GLz>>2SrWyvZ|h@LVFtnY#T
z%OX30{<CR{1dX4_88vcTN2W_z$|=%RBjz{I5#_g=`Y>yiSov4!43kFd(8)cPRMyrN
z={af_ONd;m=`^wc7lL|b7V!;zmCI}&8qz=?-6t=uOV;X>G{8pAwf9UJ`Hm=ubIbgR
zs6bw3pFeQHL`1P1m5fP~fL*s?rX_|8%tB`Phrij^Nkj{o0oCo*g|ELexQU+2<b0b^
zH6Si*&}T1;-IIYpVfU-sbg3b!AY(3~!W5e052of>gt66=7}w5A+Qr}mHXC%)(ODT#
zK#XTuzqOmMsO~*wgoYjDcy)P7G`5x7mYVB?DOXV^D3nN89P#?cp?A~c%c$#;+|10O
z8z(C>mwk#A*LDlpv2~JXY_y_OLZ*Mt)>@gqKf-Ym+cZ{8d%+!1xNm3_xMygTp-!A5
zUTpYFd=!lz&4IFq)Ni7kxLYWhd0o2)ngenV-QP@VCu;147_Lo9f~=+=Nw$6=xyZzp
zn7zAe41Sac>O60(dgwPd5a^umFVSH;<7vN<lRA{u-cX8bx?_y2UOPIBB44tjb`IcO
zp6}D0iM}Wf<X;-2WV;9t=wB-R;oPOu2a3g;jpSOFhzk7@VMA`wh-)A@F!Dfu=sqs}
zh3d@>>o;}YlMYhBZFZ}-sz`P^3oAI>SCZy&zUtwKSewH;CYysPQN7H>&m215&e2J?
zY}<s6FT=4{CBlz(b$RJTR}(J~<Q5p;B(@DqA^RlVZDzx`pO{;1k_P+NqV@g@*Y^!b
z9U}UTEbwfq?TYFSxZwif?AY?14KWTB-2?`^zPb+j`a1PC#>>5N-LhaDeRF~C0cB>M
z7@y&xh9q??*EIKnh*;1)n-WuSl6HkrI?OUiS^lx$Sr2C-jUm6zhd{nd(>#O8k9*kF
zPom7-%w1NjFpj7WP=^!>Vx^6SG^r`r+M&s7V(uh~!T7aE;_ubqNSy)<5(Vi)-^Mp9
zEH@8Vs-+FEeJK%M0z3FzqjkXz$n~BzrtjQv`LagAMo>=?dO8-(af?k@UpL5J#;18~
zHCnWuB(m6G6a2gDq2s`^^5km@A3Rqg<a|J50~@3o(TXhi78&sK_*K=g#4V!%w9WX1
zYs8Dti=m0CkoIjQ_@!zEcwxjMKg29Zyu~nvF&-}n4!GMSQf#Q}f0>-oHZ68v5NqVc
zHX_Iw!OOMhz<DqCkmE7ZfX9>S=gfR7k;K1gkEwuFs|MYTeNhc0js>Wo#^=wX4T<`p
zR2$8p6%A9ZTac;OvA4u#Oe3(OUep%&QgqpR8-&{0gjRE()!Ikc?ClygFmGa(7Z^9X
zWzmV0$<8Uh)#qaH1`2YCV4Zu6@~*c*bhtHXw~1I6q4I>{92Eq+ZS@_nSQU43b<g9G
zTKyjN3#5Qd%<Udspb$!V=(rzilam)(#Fs}JSO&nUI(jg<k$kYl(6yA9p$mgFy3e(*
zC3Q3=H8|5%6t#ASoV7&?IEY8p2Gba)IVm>Zyidk@hd$j-_iL=^^2CwPcaXnBP;s;b
zA4C!k+~rg4U)}=bZ2q*)c4BZ#a&o!uJo*6hK3JRBhOOUQ6fQI;dU#3v>_#yi62&Sp
z-%9JJxwIfQ`@<lw;bqz7KXGLVZhZoATNK$7+zaq2l8<MFt|mtHt_xfk+;T^dvn|o;
zq?TCp3~w(TQ;2Ced?j+^z4{&N?QM<7<uDvgkT9(3GoQ@v8}d>w(_qH0J0z~(lbh`P
zHoyp2?Oppx^WXwD<~20v!lYm~n53G1w<bq30_n<2t=n9tt1+;ELL4Qmpi@2S;>*Ej
z9^B*j@lrd>XGW43ff)F;5k|HnGGRu=wmZG9c~#%vDWQHlOIA9(;&TBr#yza{(?k0>
zcGF&nOI}JhuPl`kLViBEd)~p2nY9QL<pZYd>dX42u9C~EUWsl-@CE;05y@^V1^wM$
z&zemD1oZd$Z))kEw9)_Mf+X#nT?}n({(+aXHK2S@j$MDsdrw-iLb?#r{?Vud?I5+I
zVQ8U?LXsQ}8-)JBGaoawyOsTTK_f8~gFFJ&lhDLs8@Rw$ey-wr&eqSEU^~1jtHmz6
z!D2g4Y<b?~IDfEG@|?}~@NK5%EfL8m#@}<DdF^rh-TmzQzJ%ZHlN`o&KN5&i%pd<p
zd)`MogP&IP-kj;}o?vMX8{j)4{4uo>h?3VE*W8=*r&G`?u?M~AdO;uTRPfE(@=Gkg
z7gh=EGu!6VJJ?S_>|5ZwY?dGFBp3B9m4J1=7u=HcGjsCW+y6`W?OWxfH?S#X8&Zk&
zvz6tWcnaS1@~3FTH}q_*$)AjYA_j;yl0H0{I(CW7Rq|;5Q2>Ngd(tmJDp+~qHe_8y
zPU_fiCrn!SJ3x&>o6;WDnjUVEt`2fhc9+uLI>99(l$(>Tzwpbh>O775OA5i`jaBdp
zXnCwUgomyF3K$0tXzgQhSAc!6nhyRh_$fP}Rd$|*Y7?ah(JrN=I7+)+Hp4BLJJ2P~
zFD!)H^uR2*m7<GPV#LHgsC6vhayHW))RX)=VMbT5C%W^{xi!j-vMZEwaizER{bn~`
z*%zcR6b|kIhmXa<;AK(bIsa28`ImW9qn5agw2WKSdP;oS=2TPFicFCWts(xLktJ_m
zD>GQZpLUVS#R3^?2wCd}<N5gl#_ofxV$#HpCC1rQ&C~<QDZZ_2sngr~G&@FH3O56i
zpYU+i^QFIyPm>(gcFcz!u5KN9ld<NJ){7KQD8%x=J0Jw6dq*TNp7ct#f48DN|88K#
zHN1PuP|UV`&5NH6UASf3;wmy!yfBZkt|!hg9d$RGx6Wl#lBtYzLYw$)guuvQcbZZC
zj7gb!+EQSI=jz>NJdh@%onf06z9m~T0n;dqg6<uAT+7VbZL2g(0eDJbOi8&OREsL#
zB+Z?@j2VQ0s4FHSqk1~JRK^IY#?axJDuN?H+C^M2;K4B1fQ{Df4T8j=B2vyZG&LP7
zui$FHVNSS%MFs}(Qi>@?>G@S|rPO*Kj>{su+R|7bH>osA&uD4eqxtr**k($ii`uO?
z7-&VkiL4Rp3S&e+T}2Z#;NtWHZco(v8O3QMvN0g7l8GV|U2>x-DbamkZo5)bjaSFR
zr~Y9(EvF9{o*@|nBPj+e5o$_K`%TH1hD=|its}|qS^o6EQu_gOuDUH=Dtzik;P7G$
zq%_T<>9O}bGIB?;IQ*H`BJ5NWF6+XLv@G7aZwcy(&BoepG~u`aIcG>y+;J7+L=wTZ
zB=%n@O}=+mjBO%1lMo6C0@1*+mhBqqY((%QMUBhyeC~r*5WVqzisOXFncr*5Lr0q6
zyPU&NOV}Vt2jl>&yig4I6j93?D>Ft=keRh=Y;3*^Z-I26nkZ#Jj5OJ89_?@#9lNjp
z#gfAO6i937)~I|98P%xAWxwmk(F&@lTMx63*FZ~2<ClX?bRjNezMp1%S|D?RB{q!<
zEggd%ffIqfo(4Bfx1#P{GLZ``)ZIGI_-D9_&deXQqYt61WxAuBfU`SCW=`I?(Sx0w
z1xkBAcgJ#_E>b{NHU+}EV8+kMAB0bM*Zn#&7ubt98!PT^ZcMOfwMgkYz6+;?CKbvV
zQ}Z@s_3JcMPhF&y1?}9uZFIBiPR3g7lf=+XEr9Bl%zRfGcaKb*ZQq5b35ZkR@=JEw
zP#iqgh2^#@VA-h)>r`7R-$1_ddGr&oWWV$r<x}DZ#bg++!uinCKq;~vC^vT3#yH_E
zs$t6fd0!OeHt{39E9Ex*H(#oq;dj+T-OVaBef>x;pkG0Yohp9p@In_p)hKvMo@qIv
zcN2t{23&^Nj=Y&gX;<A7`MA@yDtof9<+6Ka<)s5q3vdT|2G(LkRiq{LQ}ZLX%0?}`
zoBYW`p?I(xW*)#})K&792W~c8U7Vfv9k`-&Bj0_im@<_<{^BAxovM7Jg)-zd)FL77
z0GdgMk8H`jJ3_uFnKTf)R#VG`K)vMH*+we-BX5<M(Gv`O^;7g=tA0k}c*d@<H$0Nw
z^QAao)GY(CaU6bJ_V{C7?pAyCSI}G(s#2AnRMy}T6})4`;6f^2%?O#x{d>*vJ;kjM
zHE2`jtjVRRn;=WqVAY&m$z=IoKa{>DgJ;To@OPqNbh=#jiS$WE+O4TZIOv?niWs47
zQfRBG&W<EaZbDRqg?K!_2U-S@${R>GmU~>2O{}h17wXGEnigSIhCkg%N~|e?hG8a-
zG!Wv&NMu5z!*80>;c^G9h3n#e<GnZGP4AxF02!2}l|O+3D#j^WP~|FpQfA6|hRdwS
zIa{A9d~$Xw??68C#;=i47E!7>>SBt5JpCm0o-03o2u=@v^n+#6Q^r#96J5Q=Dd=>s
z(n0{v%yj)=j_Je2`DoyT#yykulwTB+@ejCB{dA7VUnG<H2k=F!^!asn0Syeqjv*PH
zM}MxDpnKeKGLA)cG!HXoIT#2&OIlx@1ore?mc%Gn*=YT^g6v7i7s@j|U%Cp9MUIFh
zv(GiuR(0m!jP##O8E;~swen$y%KT`ZC(h}-be#o4T{v@E9Bv!Az4`?QEb@(xkMt!p
z^)!YNe~4A^=QJTge?gJYXOA2vaF5>>4`oE?GFV4sx$5;%9&}yxfz<-wWk|IlA|g&!
zN_Emw#w*2GT=f95(%Y1#Viop;Yro3SqUrW~2`Fl?Ten{jAt==a>hx$0$zXN`^7>V_
zG*o7iqeZV)<S6=vQwnvz+BX*pjK+#g2&d}e&7sf7T*j9VUey;68OC&FKLaT}6`D|)
zUlYnV8^wicy=hE;&$nEiVbo0ppQ)+_VS>txtHUU2#SDTyU#@paP;_yxp!SAG##cB=
zr@LoQg4f~Uy5QM++W`WlbNrDa*U;54`3$T;^YVNSHX4?%z|`B~i7W+kl0wBB`8|(l
zAyI6dXL&-Sei0=f#P^m`z=JJ`=W;PPX18HF;5AaB%Zlze`#pz;t#7B<M-GIl$j*TQ
z?KP!fG0}GOmyE=70u40;@tK<Qp$qe4=K?NH`4m2H-#2rag*boGdFs0!Vi)dSdhqV5
zpcj&&SEf-eS5r9wLXd7GNV&F&-R`p+Vd^6T?aO7Gatc($Mf3pia>zq0;k8IyvdK=R
zBW+4GhjOv+oNq^~#!5(+pDz)Ku{<X$tTXZRJn{h&rj}s7rZIu)WmWA*fY%J|+BmN@
zLaTh;a1fE!z&)>u60bVjyym8Or8L;iqR|qTcxEKTRm^Y%QjFYU=ab+^a|!{!hYc+=
z%Qc02=prKpzD+jiiOwzyb(dELO|-iyWzizeLugO!<1(j|3cbR!8Ty1$C|l@cWoi?v
zLe<5+(Z-eH++=fX**O-I8^ceYZgiA!!dH+7zfoP-Q+@$>;ab&~cLFg!uOUX7h0r==
z`@*QP9tnV1cu1!9pHc43C!{3?-GUBJEzI(&#~vY9MEUcRNR*61)mo!RG>_Yb^rNN7
zR9^bI45V?3Lq`^^BMD!GONuO4NH#v9OP3@s%6*Ha3#S<?){D`p=@UhPJW%rI1>*;f
z6JEi)qW#Iq#5BtIXT9Gby|H?NJG}DN#Li82kZ_Rt1=T0Z@U6OAdyf}4OD|Sk^2%-1
zzgvqZ@b6~kL!^sZLO$r{s!3fQ5b<Yp-sP<2UYg<hksU52A%8|-o$8&DMB5F%z!9jR
ztj6+2s|e!%TJ^)|3HFQf!#O^;K-MkF_4jHOIE^(Xskxk{TF+Kw0kSI4lT_n%|06m1
zQ3Mi|JMgp1NjLPiwXYcE-X8eiF?H12GpB->HW}8r$uTVS*iw1u8^9{YlPp_^Xm5IN
zF|@)ZO<U-^xPAodX<lAEfqplo^sd~r=XsV^Dz|Foe3YWO9^tz&J2n5Lxy~s3{>ReX
zB*#tE<lWYJkyX62^W(k=0>bWEX~@f)ST|s$oUKS@drycE1tYtdJ9b*<T~8vt_-YSR
z>(uFTxNZ{n3BI*kF7wXgT6+@PI@vwH7iQS{1T!Nauk>fm8<V3`g4G-r!zX4MwU{d8
zCl*OywFH<hgEG9ECBvg8#yjEA$w63hu4od^uah*vC?09}`C|sZoNaM>gOLe`->Pi~
z8)3=UL_$OLl2n7QZlHt846nkYFu4V};3LpYA%5VaF#a2#d2g0&ZO~3WA%1XlerVpg
zCAlM;(9<WF5Igo}TVG_p%Z}ctzS(|1i05vs<17aRnekfF+jv51k-~GwKk4WD?jLG2
zy`BxEk9KKblX-;suAOs^8#D{&_iicr?lG7~5B#?iW5B6(0hrrVcZ2ktlFcH1RAV=<
zG({)|S2m7;`M6s*apu<<%a!sAZ)OnM)z&RQI?jh{d)2pmqI@&Xu^uD}b&mpaVXzF4
zKi&bewZN}S0zM!PJ1{7%``*x#sZR4L@b`dEz$euZow$t;95*jVV?3XHDsH^H*;F$!
zo!2VjD>OqH@`(>Tha{*@R%twB!}1ng4V=^+R`Q{#fkRk)C|suozf-uCXrkIH2SC^C
z6wlxR`yS;-U#uu#`OnD<PIu|V4$j^9VtCxo7&*YI{M0NH`ctXUcqQ`+ADzr~@|Zs}
z08FnNCRz>%U<41%C4mp>LYLPIbgVO~WsT1if)Y)T*8nUB`2*(B;U_ha1NWv2`GqrZ
z3MWWpT3tZ!*N@d*!j3=@K4>X*gX4A^@QPAz24?7u90AXaLiFq=Z$|5p$Ok2|YCX_Z
zFgNPiY2r_Bg2BQE!0z=_N*G?%0cNITmAru*!Mws=F+F&Qw!&1?DBN{vSy%IvGRV@1
zS<NSq0fsn2?)Z`#`+aZJ6Doywvf4szK9w(2fgdL{D8f|4s{bQBClQ;$NTl2!eeqto
z-XDk)h}X5;V=UDB5kQ}0zNEkQ{Vw9Is##j|s@|NzmaY+W64hr>->PARgL^XS!-aZj
zi@`~LhWfD!H-L0kNv=Jil9zR0>jZLqu)cLq?$yXVyk%EteKcWbe^qh#spHJPa#?92
za(N<tKb?I1@FhMN5PDD2p_4kPz9dc?WB+15g^z?98@ALJmzeyDZ~Tr8u#q$&m6+TS
zS282#ySe`Uw`48xO{}4TzYJdT--OZs2iYuSZ|~yl@|SUzHMF!-b}@8v`QP-NruK#!
z0`EYBsS2sTCQ_n67SOO+{X)__IEAdx8muIPH153UDmpQdv`Pw;i*#z!C#>(Kw0<V~
zpn6Zq^(VUTS+51RdP6_<>se^$<YYFd`Je6h?~miwRG{s?SSH{$@&l|Ak}i5fEir5}
zlSw1F-#ln9brgfY+M-Bl?)Q4|;oA=L@u`uJkibn?3{?j*qFikxUixB5-0#ESGkrWR
zMnakR21bzhZiSB~Xff5}65`NyGiPC@a!_`m#FxRsl+7}rEF!GIwWrNn)0!*nPD!AK
zrjjaZD^q?yi{@KgTX6n}Z?iNt!jzUhr+HdbdVWen?KIDDn=YA3sKA8MZniOthQ9gp
zq9kDN!Q4}MRmrH!%2Xd@Ybj>7nQUQZBet;C_Dj5(2_?TdrXFYwmebq}YGQbN5Ex7M
zGSCX~Ey;5AqAzEDNr%p^!cuG?&wIeY&Bm5guVg>8F=!nT%7QZTGR(uGM&IZuMw0V_
zhPiIFWm?H?aw*<a+;kuAS!&F>(v6#uVT@NEzi2h5I$cZ-n0~m$tmwdMTjG*of^Y%1
zW?Y%o*-_iMqEJhXo^!Qo?tGFUn1Mb|urN4_;a)9bila2}5rBS#hZ5wV+t1xbyF1TW
zj+~cdjbcMgY$zTOq6;ODaxzNA@PZIXX(-=cT8DBd;9ihfqqtbDr9#gXGtK24BPxjZ
z9+Xp>W1(s)->-}VX~BoQv$I|-CBdO`gULrvNL>;@*HvTdh@wyNf}~IB5mFnTitX2i
z;>W>tlQyc2)T4Mq+f!(i3#KuK-I8Kj3Wm(UYx?KWWt8DEPR_Jdb9CE~Fjc7Rkh#gh
zowNv()KRO@##-C+ig0l!^*ol!Bj%d32_N*~d!|&>{t!k3lc?6VrdlCCb1?qyoR42m
zv;4KdwCgvMT*{?tJKa(T?cl|b;k4P>c&O@~g71K5@}ys$)?}WSxD;<5%4wEz7h=+q
ztLumn6>leWdDk#*@{=v9p)MsvuJMyf_VEs;pJ<y{_VV!a4tk9(A1i3&q7?0(TsCti
zt2t4v6;A5Rg5tt*l<z&%*51aE;pV#@VhKgWVg%@eN^?9HNw&!B<Du6!<Y0V;9ueZH
zX)^on_(Lw+=^rc1?6C?qUeLQ$J^JR@u-z8RctzBHF3&3A8x|+s<MTGToeiLu8IXWh
z7A*T&I<ZE9M)zIF0cb6jyil=R;tLV_=m=|nzAiatUb&#L2>h?i3z7_W@Q|3<Iv-$p
zr4L-Ad1f8|Rv`U-45c4m#4Iu4BXPfse$;{u`z!SYGuqE$w@EC^O3G7bAcHkUy$13H
zkOUN&$30bJ)8jPZ$h9K>p$a}P@MQ-NpMtDUBgH!h4Ia#L&POr4Qw0Tqdw^}gCmQAB
z8Dgkzn?V!_@04(cx0~-pqJOpeP1_}@Ml3pCb45EJoghLows9ET13J8kt0;m$6-jO(
z4F|p+JFD1NT%4bpn4?&)d+~<360$z5on`eS6{H`S>t`VS$>(D`#mC*XK6zULj1Da#
zpV$gw$2Ui{07NiYJQQNK;rOepRxA>soNK~B2;>z;{Ovx`k}(dlOHHuNHfeR}7tmIp
zcM}q4*Fq8vSNJYi@4-;}`@bC?nrUy`3jR%HXhs79qWI5;hyTpH5%n-NcKu&j(aGwT
z1~{geeq?Jd>>HL+?2`0K8dB2pvTS=LO~tb~vx_<=iN8^rW!y@~lBTAaxHmvVQJSeJ
z!cb9ffMdP1lgI=>QJN{XpM4{reRrdIt|v|0-8!p}M*Qw^uV1@Ho-YsNd0!a(os$F*
zT0tGHA#0%u0j*%S>kL*73@~7|iP;;!JbWSTA@`#VHv_l_%Z7CgX@>d<wo!f?;Z%_x
zWtw_K!q_M8*$()&!aPHcZ3ugW`s`40Uni{PBW%;|JdfUNBW#oJJWt#NAn;M_z>hg_
zgn0|U)SY~U-E5<aLBxcqGBaf+uYD5o5TNm63}wyoP>{QiT@(uPp#1jaz!(_3^Cbz2
z4ZgWWz=PdGCiGznk{^4TBfx_;ZjAHQ>dB4YI}zfEnTbf60lR%=@VWt0yc=fd38Ig*
z)Q38#e9^+tA7K}IDG5Z~>JE?J+n%0_-|i2{E*$jb4h?|_^$HRHjVkiyX6@Y+)0C2a
zA+eegpT1dUpqQFIwx;!ayQcWQBQTj1n5&h<%Lggt@&tE19Rm~Rijtqw6nmYip_xg0
zO_IYpU304embcWP+**H|Z5~%R*mqq+y{KbTVqugkb)JFSgjVljsR{-c>u+{?moCCl
zTL)?85;LXk0HIDC3v*|bB-r_z%zvL6Dp__L*A~Z*o?$rm>cYux&)W=6#+Cb}TF&Kd
zdCgz3(ZrNA>-V>$C{a^Y^2F!l_<AwP8>%3lFe$s(IOfLBLEJ4Mcd!y&Ah9r)7q?oc
z5L(+S8{AhZ)@3bw0*8(}Xw{94Vmz6FrK&VF<D4FN)aeEY8AkUU<oHVRp64UimBNVG
zPmOVQuvnjJPR(~l<0v~2(F=*u3ingep6h^NZe3yEUL_kGO?D;I{O<HXqQi)T-q()m
zEw-i<FXFT+PLClyx677F%&0E?%>rJN;xB96QmqYEibFz|yHgUluA-=+yS}I-+#_Pk
zN67-#8W(R^e7f!;i0tXbJgMmJZH%yEwn*-}5ew13D<_FYWnt?{Mv1+MI~u;FN~?~m
z{hUnlD1|RkN}c1HQ6l@^WYbHAXPJ^m0te1woe;LDJ}XEJqh1tPf=sD0%b+Ou<!IGZ
zKsgDSYE#K6n~RRbM~@WstVuh9)moF#U9n>R1aCoP>I>GBn4C24Zu$D)qg=gq;D??5
zUSj%;-Hvk_ffj-+SI{ZCp`gZcNu=L@_N}kCcs?TyMr-<T#dJlx5oxO`inNn|CKXO&
zzLQK?yzl+O7g>37<G^Q(z2KFPh1%rFCK@?V*l8it<Y`;OnZeXPndYXlGvZ@!UVv^2
zD<>fhy$?a<7lt1`fZw<%$8@B6(Wgo!#!z9z{ab|x`+&;kP!(gfdY}A-GP&4Cbh-S<
z1(kmgnMyB2z3ipEj5;4<{(=&<7a>A_Jl`ujUKYV@%k(oD=cD7W@8~5O=R*zdjM_y;
zXwme~0wo0aDa~9rDnjF=B}Bbj|DHRQjN|?@(F^=bVFdr!#mwr|c0843k>%~5J|7|v
zSY=T)iPU6rEAwrM(xTZwPio%D4y9Z4kL0bMLKvu4yd)0ZJA3<;>a2q~rEfcREn}~1
zCJ~3c?Afvx?3^@+!lnf(kB6YwfsJ*u^y7kZA?VmM%nBmaMspWu?WXq4)jQsq`9EbT
zlF2zJ)wXuAF*2u|yd5hNrG>~|i}R&ZyeetTQ!?Hz6xGZZb3W6|vR>Hq=}*m=V=Lsp
zUOMxh;ZfP4za~C{Ppn^%rhitvpnu^G{Z#o-r?TdEgSbtK_+~_iD4<f6Y7V3YF<U&v
zVj0Pa&?~%lU;5MFr8Fr!=O2;I9E%%yuJRL!<OzA)w}+*QepCEc&lYp+cSX9rht2yE
zEfbwX1;;Usd(vWqv=rdELe;@BSnsTtd2_#ZQwE#*(Y``Ii@KLBwJC`YC8(n3!YO&*
zwA8x1tb$KHyiF%4>9xM;$}X*mJF02|WBL{SDqK9}p4N!G$3m=x#@T+4QcapM{4j|Q
zwO!(hldpuSW#by!zHEP@tzIC<ftg$q9K7f^TQ~x75hpz_*ll75X?KcXKjB7J>|KdD
z%BJzQ7Ho1(HemWm`Z8m_D#*`PZ-(R%sZmPrS$aHS#WP<b_K3Q@c>jH3EDitxN|DY+
zYC|3S?PQ3NNYau$Qk8f>{w}~xCX;;CE=7;Kp4^xXR8#&^L+y-jep7oO^wnQ840tg1
zuN17QKsfdqZPlB8OzwF+)q#IsmenEmIbRAJHJ$JjxzawKpk8^sBm3iy=*kB%LppNb
zhSdk`^n?01FKQ;=iU+McN7Mk0^`KE>mMe1CQ2a_R26_}^$bogFm=2vqJake7x)KN(
zYz;gRPL+r4*KD>1U+DU+1jh{mT8#P#(z9^(aDljpeN{mRmx{AZX&hXKXN<h<rn9VB
zjn*jhsA^>uxj3x*RrpjvOaZ#`1EqK!$+8=0yv8}=;>f=E?5tGbRUd4%?Q<cc8-A>L
zy$kq6mZeF%k6E1&8nwAYMd!-lRkhQTob$7s`*XqcHs;l~mHV}fx&0I&i!CHaPVSM{
zHdRh7<Yd8Xytn18mgkX!i|^GCCC-dE(3D0L^sGNL=5C||)^eg5NdM00mh8zeX^<y#
z&2aJIby3iS19Ho*oeMWdwmhia0Mp5;sOAuGVww{|=SaVtqgeul>a>hP)t@YTrWm9y
zl-ENWSVzlKVvTdWK>)enmGCEw(WYS=FtY{srdE{Z(3~4svwd)ct;`6Y{^qiW+9E@A
ztzd?lj5F#k`=E1U-n*1JJc0{x{0q!_tkD<_S6bGsW)^RxGu%Rj^Mvw|R0WP1SqvAI
zs(MiAd@Y5x!UKu376&|quQNxir;{Iz(+}3k-GNb29HaQh?K30u=6sXpIc?j0hF{VY
zM$Do*>pN)eRljAOgpx7fMfSrnZ7>fi@@>Jh;qxj1#-Vj}JC3E^GCbC(r55_AG>6cq
z4ru34FtVuBt)bkX4>ZFWjToyu)VA>IE6hXc+^(3ruUaKRqHnx3z)(GXetm;^0D95s
zQ&drwfjhM4*|q=;i5Io0eDf?I{p}qo@7i7abHX5qLu~VDwYf4bmV~-^M_U?DL(+cG
z{AyE^a|*73Ft)o5k-p)+GLXj#q01VlJ9#ZJkf|+c%6qfRgV<R5+UTr_+90OGWmS7m
z;q?P(_fconepip4k)6HU7092Q_m6ykGJx-)+pdigO6KNeh-_<~Y_WlFmr-Tj&9}5u
zeCf$j*o~m{lqdu!Lth&rcY}x29nI*8Y?GNg;}@3>p&6NsU3~F?!uh}HJm73xq>v$h
zYoW3wJE6n9P|;{8U<^%UE2wjR4x^G_Nc$J(i)!>;g4`CCh2z^Dth#ah#<`#axDR?F
z4>~hnN2%B2ZUuU6j>m1Qjj~5jQSdA&Q#7hOky#=Ue)}7LPJ!8nbZO_0Sw{G>>M7&E
zb1dy|0Zi$(ubk`4^XkVI%4WIpe?Bh!D~IjvZs14yHw=aQ8-`N-=P*?Kzi&eRGZ_6Z
zT>eis`!Dy3eT3=vt#Lbc+;}i5XJf7zM3QneL{t?w=U<1rk7+z2Cu^|~=~54tAeSYF
zsXHsU;nM0dpK>+71yo(NFLV-^Lf7%U?Q$*q{^j04Gl71ya2)^j`nmJ$cmI9eFMjp+
z#)jKmi4lZc<;l>!={@jTm%?!5jS;6;c*Ml55~r6Y?22B^K3bPhKQ(ICc&z%w<4W1=
zjTTtz_}IA$%kCqU)h#$!Yq>>2mVG}qYL}!avmCWYV}x4!YE<j!oVMvb8>eq)pgTp|
zR;+sk<i0M|cJ%Y;oVV#c-&)sBEc}b3*f4IJ@-*cG9V-4%sLCN@VSzt<WgB)QfUjT|
z4|T(_Hlnd@CN_4Q8UOy^0Ki8WnwymQJTV19QuzM)l4SB=$&dFJla}9EuK6s-W}19+
z^7Ga1LwiW{qkq06@O+r^_Yg%7Ro9MxS+g#FodbIEjW9|-UrH`|k49Qezi|Una<+Zv
zZu@_U*I-3I!93w%;-BO4HhlLf)Cw5faDBGnNuHgSkEYp@&MS9<EvwJtVq)?#%yWA=
z+>Huc7YXRLrcbYXt>?@pa{l^2pL>RrZ!22zMmi1ZR?nkaWF*`@XFK4jGh&Em3vn(l
z3~^Q9&tM^eV=f^lccCUc9v02z%^n5VV6s$~k0uq5B#Ipd6`M1Kptg^v<2jiNdlAWQ
z_MmtNEaeYIHaiuaFQdG&df7miiB5lZkSbg&kxY*Eh|KTW`Tk~Vw<M3M(m_<9S!nV`
zDzY8T8DAH(DiRR@y}HfHmJs{1GG->KC~+-GoYE+pvwc{+nIEizq<cM<7GICd!t<Fp
zS6#)ZM(CDnT2c@bn8^dH5Mn7Y6K5_vDT9Bk`HO*$G89poj3{}tb4o=@ex&%I<2WXM
zWPJ7GElfmI51ZQ4RefG!&p5oi$?lkDz2PU6$1_cdMpr{>6!xP>7ZQ(S2%48l$Y98L
zvs7s<&0ArXqOb*GdLH0>Yq-f!{I~e~Z@FUIPm?jzqFZvz9VeZLYNGO}>Vh<=!Er7W
zS!X6RF^et7)IM1pq57z*^hP5w7HKSDd8jHX!*gkKr<Tsi!u2^FB20W%BQYZ5)KQ$L
zBZ_m~(&z=z_bHU6yX*Y#O;EKF98J52TD>Gc-GssrNu5H%7-cNE{h$!aEQK3g*qy;=
z)}pxO8;}nLVYm_24@iEs8)R7i;Th0n4->&$8m6(LKCRd(yn7KY%QHu_f=*#e`H^U(
z{u!`9JaRD?Z?23fEXrjx>A@+a!y-_oaDB)o@2s{2%A97-ctFfrN0cXQ@6aGH`X~Nr
z144?qk;MzDU-cgQOLfT3-ZR#hKmYtKG*iGf4ZJ`|`9!^SkBDUUSJCba)>mM!)k~(z
z<MlkpcVBeX*vh=-GFiZS12N#Md{6&{y>djUqB`)~!UObMHB1b$UItM$<0kwlqHH;c
z=)+~bkOcIT7vI0Iy(wD)vsg9|oi##%Rgrq`Ek;pN)}lbpz`iv{F4K*{ZZ?Zjixxxr
zY|SPl2NsXH+5pimj+MvbZ_+HrfvdC13|9Zs)Y=nW$z<0mh<GitQ487GFo3dN5ShBT
zZ8<EFYJ-MdeLR{9xFDVnhwT@fWSs<3mb9?YXz@YP{GsY6>l}%irBSm5T3ZrN#2AhY
z_ZrTmS(L`U#y}VZ@~QL9wUS6AnU*7LWS02Xyz`b>%rTml#Wb0yr>@c(Ym*40g;P{V
zjV1XSHdU>oY!&Jh7MzhzUV8(9E+yl5UJYga>=0Ldjwtc`5!1>LxaB-kVW;IlSPs+0
zUBx=m8OKVp<`frNvMK>WMO(iKY%P<so97xfVbg0v>uvqD+PK*vP6f?_o!O)MCW5Ic
zv(%f5PLHyOJ<Tb=9-j6HkSOIE+QsoSmE5(Z*9l#bIVj4Av!-%TxAJ*LIZ)k}<E=M5
z8&8~zID(`+E!)HSu<G8+vminFC;ax|(elj2;7YfVa<M+CbkOPemAG#3eNCaipA(J#
zKp0Ny_GnN>2h@Yn_to@54Yq;fdoy40&sbe3A$4uUXHsHP_~K}h#)p&Ty<c(C-{cmP
zd0JxI&cB!QGA1VG>Ox(~JE?y(IBAQKl}~VQjVC-c6oZwmESL;`Xth?2)-b6ImNcJi
z;w|`Q*k?`L(+Dp}t(FocvzWB(%~9$EAB6_J6CrA}hMj-Vy*6iA$FdV}!lvk%6}M)4
zTf<)EbXr9^hveAav1yA?>O0aNEpv0&rju{(Gt|dP=AP%)uQm~OE7@+wEhILrRLt&E
zoEsF^nz>4yK1|EOU*kM+9317S;+bb7?TJM2UUpc!%sDp<o^NvIr13qoE+gG-rp{X(
zM}ATIEoEmu3*AKHeVl}A%qNKwe4Ge&&LS>}7!<`i=W!ot8*C&fpj>mk#<a@1Lml5{
zdPDeAHH~8@6spP8p>qt~GCeqcy)?W6sl>eUnR%yCBR&Ow-rc|q;lhnI+f-%`6Xf)%
zIYZru;27%vA{Qi2=J`PQC<28;tFx(V^sgXf>)8WNxxQ<D8vs)|&bOiN>wT14M9I6-
z+V0@tiCiDkv`7r-06sJS8@s|Lf>mV+8h}SPT4ZGPSMaFK7_SMXH$3KN7b2V?iV-jA
zh1!Z>2tv^HVbHnNUAf-wQW#zMV(h8=3x2Swd|-%AczEIWLcm~EAu7rc3s%56b;7ME
zj}$pe#fc^314Mb9i)xH^_#({)tTD4hsoz<Jv$gLvCcZoVeg{3PW{d}YEx45fdopMQ
zzh4|NvFea3>!7XcHUh9*G|}?k=D?9LBkTm2?fgaIG(%%$DL#}a-_990rQBU+M;jrf
zCcvgM`+oyZmsUqc?lly9axZfO)02l$TMS#I+jHYY`Uk!gtDv|@GBQ||uaG^n*QR3Q
z@tV?D;R;KmkxSDQh<2DkDC1?m?jTvf2i^T;+}aYhzL?ymNZmdns2e)}2V>tDCRw{=
zTV3q3ZQDkdZQHi3?y{@8Y@1!SZQHi(y7|qSx$~Vl=iX<2<dgX$f8@>`@y3eSYpsBV
zI`Q-6;)B=p(ZbX55C*pu1C&yqS|@Pytis3$VDux0kxKK}2tO&GC;cH~759o?W2V)2
z)`;U(nCHBE!<PCa+VaA+eoVg%s&pn6K+Fw6D~Bj(Sq7J}+z_hBY><ghN8H2rs&w3`
zvJRVn>-maQz%z#zoRNpJR+GmJ!3N^<X9k%4f!=ilpGFPH6h^v$(M}b6nqK4#$CIdW
zNzv+9n>@cA>0EGg?OtgM_h|j1X=!4N%!`g~%hdI3%yz&wq4rYChPIGnSg{H%i>96!
z-(@qsCOfnz7ozXoUXzfzDmr>gg$5Z1DK$z#;wn9nnfJhy6T5-oi9fT^_CY%VrL?l}
zGvnrMZP_P|XC$*}{V}b^|Hc38YaZQESOWqA1|tiXKtIxxiQ%Zthz?_wfx@<8I{XUW
z+LH%eO9RxR_)8gia6-1>ZjZB2(=`?uuX|MkX08<in7IG<(1M==n@8kE5Me589?jvT
z(VMo|{oN<TKZ8xV4K`3TfYNXV=KrnM{|906zl<<4RZrah5^Z&u&K8^y<XWR?lqpMq
z*!=RBg#KPn5F{_D#;;s7LX4X-88}i<*nHKzXX~Jcxa5xjm9ck&)A<q<^NIQiecF*)
zAceKtlM&yv?sj$cae2F$&iC2*iv5eVS>2Dz*=ep%hMwK$TVTyr2*|gDy&QOWu<aq=
zES%k$K3|^Rk9-==@u)!=KK2?QF2pCH+kJ5`B#dhzvy1$1H~~Fl0f`I-HG*-)L(~Su
zDv%Hsw!!ZhrZ<p$qVF6deM7+R8E$9&$kq?Wzc_dg`sR3f_WJ68dk7~=SSwOYapvQ>
zorR#*(SDS{S|DzOU$<-I#JTKxj#@0(__e&GRz4NuZZLUS8}$w+$QBgWMMaKge*2-)
zrm62RUyB?YSUCWTiP_j-thgG>#(ZEN+~bMuqT~i3;Ri`l${s0OCvCM>sqtIX?Cy`8
zm)MRz-s^YOw>9`aR#J^tJz6$S-et%elmR2iuSqMd(gr6<O2pC7_LR87#;Sdf%zzI*
zg)&032aiWaeCX%2H}S0O=243UHWOaOv9O9Zse8>a#gA_+=N(I6%Cc+-mg$?_1>PlK
zbgD2`hLZ?z<RAA}($7nPJ~Y%yBCghN4Iv(BPi6%p!!B0Z9H(i_4jmymVmat@5@x$f
z&P@#)-u%pG8st`SK7mwnnq|wi%`9aw$xiu;^g=5`J}Ve&NHoxRQ9J7@-8xy`^2}C^
zRcPOa$y||OOZF&k)*b$K-5!p9ohNx@R~fESqBhel16r=avP&wM(&`tkv`kWMA7_G&
zT9vw-v>4S~uhJf=rraLBL?H#c$cXyqt{u^?#2vX<rF~#xjm8V&3d$WjF72Yk9lqGd
zU2g#5`8V5mak#w|hV^_1GZo-D9~Ey;F|T*gu9J7}u9SD-u9f#*UlY~jE;s&U>2sFb
z^EU-9jmp{IZ~^ii@+7ogf!n_QawvItcLiC}w^$~vgEi(mX79UwDdBg`IlF42E5lWE
zbSibqoIx*0>WWMT{Z_NadHkSg8{YW4*mZ@6!>VP>ey}2PuGwo%>W7FwVv7R!OD32n
zW6ArEJX8g_aIxkbBl^YeTy5mhl1kFGI#n>%3hI>b(^`1uh}2+>kKJh0NUC|1&(l)D
zh3Barl&yHRG+Le2#~u>KoY-#GSF>v)>xsEp%zgpq4;V6upzm3>V&yk^AD}uIF{vIn
zRN-^d4(Sk6ioqc<Qp=>K@EObsAi#Z-u&Hh#kZdv1rjm4u=$2QF<6$mgJ4BE0yefFI
zT7HWn?f668n!;x>!CrbdA~lDfjX?)315k1fMR~lG)|X_o()w|NX&iYUTKxI2TLl|r
z{&TWcBxP>*;|XSZ1GkL&lSg?XL9rR4Ub&4&03kf};+6$F)%2rsI%9W_i_P|P%Z^b@
zDHH2LV*jB@Izq0~E4F^j04+C|SFiV8{!bth%<Tod{MPTY6WHO$dzNX4w2;pzb+Oem
zi}`RS_fkC+T@Og2_EV(M-iPFENHyx@oIv_MuPoIud-{e0V-Uf%7)@4g-N3gQm`~vx
z?xgzfHP-AqiSg$9SflWP^m#NOTddFU+M+?+(8lr_g^KY#6=U~7!isX>bz(KfCg42^
zGz5P7xor$)I4VX}Cf6|DqZ$-hG7(}91tg#AknfMLFozF1-R~KS3&5I0GNb`P1+hIB
z?OPmW8md3RB6v#N{4S5jm@$WTT{Sg{rVEs*)vA^CQLx?XrMKM@*gcB3mk@j#l0(~2
z9I=(Xh8)bcR(@8=&9sl1C?1}w(z+FA2`Z^NXw1t(!rpYH3(gf7&m=mm3+-sls8vRq
z#E(Os4ZNSDdxRo&`NiRpo)Ai|7^GziBL6s@;1DZqlN@P_rfv4Ce1={V2BI~@(;N`A
zMqjHDayBZ);7{j>)-eo~ZwBHz0eMGRu`43F`@I0g!%s~ANs>Vum~RicKT1sUXn<V_
zg@YtD9Y@=Wecy}B#uLZ`0Y6*jpV`vuxU~A+4P62y?i|jRG)tkWzXVjI@x6TqM$m}#
zbS|Bk;hWG!R)sJ3qv;#m`B;@pUIZ{OsCYTt%2wAuR~4+#U+=ZwfPhp%fPgsu{Rrcq
zL~bO~c18x)!WICYfrX*Vf6Lhu6}6<W1yDXGO*a;t%N?v5EEn88Lf2L+chf}>L=gOG
zDR`d=#>s?m+Af1fiaxYxSx{c5@u%@gvoHf#s6g>u57#@#a2~fNvb%uTYPf<C#}ju9
zHihjbYPO9=#1gmJRf;*(Y<k^4B)ySqM)!mgM>BoT_$~a^w96(}#d;-wELAoaiZCbM
zxY4fKl<v{zHLssJ@4LiFPH<esk1E$lEtkXM<D=k?FHU{G^xaGd3~L?TcX;B8eN|@o
zjj(tZEIt*eN_K^=W0b&P;RRu>S6-l1!b1!yra|`LOQoJB))=Cx<t5x}2d!26+-1C^
zR9eZmu9JG?UQV{RPjYn{+%DDoEfyXeJtq?V8!!z7MxQwlem<}2cde<XVcUvCW#h_c
zCr46juv}&4@(MVkKBg~Byf0?bz(EkPTt-l3s=>UAYqFcTDThhA?d}6FD$gYlk**!#
zD=!KW>>tg1EtmSejwz{usaTPgyQm~o+NDg`MvNo)*2eWX*qAQ)4_I?Pl__?+UL>zU
zvoT(dQ)pe9z1y}qa^fi-NawtuXXM>*o6Al~8~$6e>l*vX)3pB_2NFKR#2f&zqbDp7
z5aGX%gMYRH3R1Q3LS91k6-#2tzadzwbwGd{Z~z+fBD5iJ6bz4o1Rj#7cBL|x8k%jO
z{cW0%iYUcCODdCIB(++gAsK(^OkY5tbWY;)>IeTp{{d~Y#hpaDa-5r#&Ha?+G{tn~
zb(#A1=WG1~q1*ReXb4CcR7gFcFK*I6Lr8bXLt9>9IybMR&%ZK15Pg4p_(v5Sya_70
ziuUYG@EBKKbKYLWbDZ)|jXpJJZ&bB|>%8bcJ7<K?KbboaTR($??M~exw`OmcIx7v7
z={kv@I*3UBm_JtqtFd~^0Y(My{C)7O?M1s{T)vS@D($(u<W!r=KwzSywSmkU3_5Df
zP_MIU+Hxpz+^!NFy1LC7I-QOM=d{pcV`ef_t|-ECQ(2y-u2h-4>>l2>hXuf-h5Bm+
zHZ55e9(Sg>G@8a`P@3e2(YWbpKayoLQ}ar?bOh2hs89=v+ifONL~;q(d^X$7qfw=;
zENCt`J*+G;dV_85dL3Tm5qz2K4m$dvUXh>H*6A@*)DSZ2og!!0GMoCPTbc<nj>d!h
z@fRl3f;{F%##~e|?vw6>4VLOJXrgF2O{)k7={TiDIE=(Dq*Qy@oTM*zDr{&ElSiYM
zp<=R4r36J69aTWU+R9Hfd$H5gWmJ?V){KU3!FGyE(^@i!wFjeZHzi@5dLM387u=ld
zDuI1Y9aR$wW>s#I{2!yLDaVkbP0&*0Rw%6<cx1-RS5PNoNfinsujvxd(ZL|$GBWig
zRa-cyjbCj@hjimsWL8a15(2Yx)Y{G|kE;%x%FYu<@p92kV>bi(LtieJQ4(1V!z!ec
zxPd)Ro0iU%RP#L|_l?KE=8&DRHK>jyVOYvhGeH+Dg_E%lgA(HtS6e$v%D7I;JSA2x
zJyAuin-tvpN9g7>R_VAk2y;z??3BAp?u`h-AVDA;hP#m+Ie`7qbROGh%_UTW#<d34
zz&Cs3P;q?uMJ`^xLS#kTigwMwHwV0^d~LVUp9}r;c9y_pcT2*zFrI0v>R8yfGp<`u
zT0}L)#f%<U%8Y+)jqE&8ed=$=JjeSnb4Y#P_lkT5EqSi<>(XEE)^iXVkO8^cvjflS
zqgCxM310)JQde*o>fUl#>ZVeKsgO|j#uKGi)nF_ur&_f+8#C0&TfHnfsLOL|l(2qn
zzdv^wdTi|o>$q(G;+tkTKrC4rE)BY?U`NHrct*gVx&Fq2&`!3htkZEOfODxftr4Te
zoseFuag=IL1Nmq45nu|G#!^@0vYG5IueVyabw#q#aMxI9byjs99WGL*y)AKSaV(zx
z_`(}GNM*1y<}4H9wYYSFJyg9J)H?v((!TfFaWx(sU<t2;aBGeC3Et<4d@8=a1+y1+
zC{viFxsY`fMWFdmm8XA{gpkf9>*fU823wPgN}sS|an>&UvI;9B(IW(V)zPBm!iHD}
z#^w74Lpmu7Q-GzlVS%*T-z*?q9;ZE1rs0ART4jnba~>D}G#opcQ=0H)af6HcoRn+b
z<2rB{evcd1C9+1D2J<8wZ*NxIgjZtv5GLmCgt?t)h#_#ke{c+R6mv6))J@*}Y25ef
z&~LoA&qL-#o=tcfhjH{wqDJ;~-TG^?2bCf~s0k4Rr!xwz%Aef_LeAklxE=Yzv|3jf
zgD0G~)e9wr@<NAwXzn@Tr_JeoALXYsIL!5suMVtRWLsesHCk)H^$%gST+;+pb2o(2
zp@>)BCjlY84wz?$NS8KC9I$wf(T&+79JjF#n?BTI)Oub%4wiOcqw+R`R_q<`dcuoF
z%~hKeL&tDFFYqCY)LkC&5y(k7TTrD>35rIAx}tH4k!g9bwYVJ>Vdir4F$T*wC@$08
z9Vo*Q0>*RcvK##h>MGUhA9xix+?c1wc6xJhn)^9;@B<A{c%wXcknJHL8?TSUQilQ^
zT35Z%hWih0GcUZZgPv6G%jjVNuj1NPD|n^)OAlY0@vSi`)!cZk5VUw@Id1!S;G$IS
z`&_SaqDl=^3l4kv>E6i*Rl8VQdstnLOP1mq$2;!bfASHmiW7|=fA{k$rs^-8n{D6_
z!O0=_K}HvcZJLSOC6z-L^pl3Gg>8-rU#Sp1VHMqgXPE@<y_*(2S91GdCv4<dCoaZ?
zA?4TKM)S&Oq$p$!!5EeBG8Z?C<sUM7r)h{_98iuE!Rj!{@7Y!kZfGX90bSl|Q9|d(
zxcPg$!rc0(rdS0}iJHFbR3;sEmCo#kVYCM&ov7oV-K{L=<CqzGagYVnblf6_U&P1Q
zSLpH1tLN#w0fD5VX@bqBZp(8ahlk9j+Vf;gmN>9x&IHe;K3;!^SQLDP1Gk&szPtk|
z!gP;D7|#y~yVQ?sOFiT*V(Z-}5w1H6Q_<rHoVq2SN~wRz_&Lb+eg25kD%S_<hy!|d
z479UbBeZkS!YA}P`u8#z{w9z_yvIJnA$tgrix7XC=mr8W+{e#<F1sp_;_?cBaw`XT
z{bg_Y4+SLce<~np|HIGH9$+#+Xa9d4AC)F2<R~X3RKz7@#>U5JM#iW16yZiFRP1Re
z6d4#47#NzEm};1qRP9}1;S?AECZC5?6r)p;GIW%UGW3$tBN7WTlOy|7R1?%A<1!8Z
zWcm5P6(|@=;*K&3_$9aiP>2C|H*~SEHl}qnF*32RcmCVYu#s!C?PGvhf1vgQ({MEQ
z0-#j>--RMe{&5&$0wkE87$5Ic5_O3gm&0wuE-r3wCp?G1zA70H{;-u#8CM~=RwB~(
zn~C`<6feUh$bdO1%&N3!qbu6nGRd5`MM1E_qrbKh-8UYp5Bn)+3H>W^BhAn;{BMii
zQ6h=TvFrK)^wKK>Ii6gKj}shWFYof%+9iCj?ME4sR7F+EI)n8FL{{PKEFvB65==*@
ztYjjVTJCuAFf<rY<ZEMlK$u$5-g|rkMy)?}zrg<cj{J4~fJ^?r-mLI|&wp8-{--Y0
z$lBtc{7L`g@4CFzKLU6_{RUts#(({~fZ<<+Tq9>8I~yB-pN_PJtqH&j$`#<<`CruB
zL=_u3WB~-<Bwam@u?Y3tJi%|VkE@FOA_WbQgjf<(NEYJn?j2c2v5%5fY6*Nhc0Kf@
zGyVA6F-((}nGN@{6!@*o-0aL#%yo5ZdR<*#pw-c}Fqq{ED8`ZcDuWb@&5e@{u$??R
zV{;T)A~l!;PQl_M_0q-T2$E*e7zG=uI%X*)DM_7M7K_epWs6wGsb%#n4GsmXWLsXM
zBQM5{n74^ZHYhM!mF)Naiww}*4UI<SX?1IsY%1lG@fVF1N*k`uZNm&coJ%VsTi)30
z63S(&5hkN(3);{^TsoYpatne&4UxTgE!PzT(%CmU7wStmP;ts@1czZcK$fFnmQ60{
z1`faF@nb=Dgf<0A3VGLZjnb0{n@9h2n!kn_HCDKyXu;%%6d9Dt4i)X*2_22dAHbxa
z2srvHbi^3iUv%cZJHSx)8Kd(wg0x*i!0jVB91}Q)OsRD*{RUFUZe`rRbZj*_$$qM6
z%-6(nVT*<9hbz`OdMZ3^{PJ3{Yc<61R-(jj<Z3MHVtdi1*Jd3m$03jA7{pLqiqgWN
zuf`QaEabQ(LKVZptm-fx-rT-qkcLwos%8=P@J-?UgS&Rj;xcvu%L&V&GZ|Av2=2YY
zuK2muzm-$n>;t3q)iNn0eU(mF<W>Tih<4nOAb>1#WtBpLi(I)^zeYIHtkMGXCMx+I
zxn4BT0V=+JPzPeY=!gAL9H~Iu%!rH<j+~n)ld$6<geb2z!M*B;3n68THTn)6(b11z
z4m(Nwk^Vyz86bu0^6;Tn%;Ji#7$WO^G#_C0*A{VAYI#R4+3k40>0-S@IcG%~=tB#6
z3?WE7GAfJ{>GE{?Cn3T!QE}GK9b*EdSJ02&x@t|}JrL{^wrM@w^&})o;&q816M5`}
zv)GB;AU7`haa1_vGQ}a$!m-zkV(+<n8pPDe>M>q!vI0Swo18{;<>GYZw7-V-`G#FZ
z;+`vsBihuCk1RFz1IPbPX8$W|nDk6yiU8Si40!zy{^nmv_P1=2H*j<^as01|W>BQS
zU)H`NU*-*((5?rqp;kgu@+hDpJ;?p8CA1d65)bxtJikJal(bvzdGGk}O*hXz+<}J?
zLcR+L2OeA7Hg4Ngrc@8htV!xzT1}8!;I6q4U&S$O9SdTrot<`XEF=(`1{T&NmQ>K7
zMhGtK9(g1p@`t)<)=eZjN8=Kn#0pC2gzXjX<PjHqiA$Vvf_R%9gKYsvdV^zlWxqzf
z!#>cadjHMc_pfV(@^3541)LC1fY~k2zn&2PdaW`RPEHoKW^(p_b=LxpW&kF?v&nzb
z1`@60=JZj9zNXk(E6<E`2y|0HP0)>D5D}(@k4Oi@$e2^M%grhlEuRwVGjDDay$Qpj
z`_X-Y_!4e-Y*GVgF==F0ow5MlTTAsnKR;h#b0TF>AyJe`6r|%==oiwd6xDy5ky6qQ
z)}Rd0f)8xoNo)1jj59p;ChIv4Eo7z*{m2yXq6)lJrnziw9jn%Ez|A-2Xg4@1)ET2u
zIX8`u5M4m=+-6?`S;?VDFJkEMf+=q?0D7?rRv)mH=gptBFJGuQo21rlIyP>%ymGWk
z=PsJ>>q~i>EN~{zO0TklBIe(8i>xkd=+U@;C{SdQ`E03*KXmWm4v#DEJi_-F+3lrR
z;0al0yXA&axWr)U%1VZ@(83WozZbaogIoGYpl!5vz@Tz5?u36m;N=*f0UY$ssXR!q
zWj~U)qW9Q9Fg9UW?|XPnelikeqa9R^Gk77PgEyEqW$1j=P@<dE4w(u(3iVMi-8SY4
z3}C{Rr_5Fdb7Rr%)CRjq4+&Hx?mUJXe6rA*s&n~(V48wA1sGg{_CaE0GHmqWDt`D~
zX|%%BrEov=miSU@%ILVmtO!gF&qB~Zwn*+dVv$gW4nxk2U|7hBM@%!T=tG2}g!3V8
zkh2ON65LUEoMIT*<uZYoomew53~|P7OCgONbH$V*wBiXS3f4p|H^IsIX`jOD;1u>L
z*ndO!fwPeq_7J_H1Sx>#L$EO_;MfYj{lKuD8ZrUtgQLUUEhvaXA$)-<61v`C=qUhI
zioV&KR#l50fn!-2VT`aMv|LycLOFPT{rRSRGTBMc)A`Cl%K&4KIgMf}G%Qpb2@cB*
zw8obt-BI3q8Lab!O<#zeaz{P-lI2l`2@qrjD+Qy)^VKks5&SeT(I)i?&Kf59{F`Rw
zuh7Q>SQNwqLO%cu2<XTECiMRi^Gbl(lC2paG3*Thj*0)}Xq~An04S6wpQhX<1~$1w
z$|BShs8E$Oh2P_lh%5{Rt@}ZR@|tp`N8?PA&uzngg2`_3EJvV=voL0TNQlm`uQfnb
zmflQz*loTYcGz`!%+Vj=^M0e)jrIFBj=?aWXQV3D12mMODUEwaCDT}9Bp?=+Yq#K7
zp&vz<l)hrRjq0Yx1fxPL#%qOhE`AlXTtmsE?PArtiI!FPsPG%YD{1QYCJzkF(h3yM
zSgG22fY44@_X7qJb~JHEIIXuHl5OFsr%T;sn2uH&>lzcJ7eR*3!g<TJ_lZfH8Wr<#
zgT0tcvD1Q&1BtX2hf7@$jhm<`+i@heDmB$3?k`tQKjG^qZF&M6uLr9-`_h@i$<7L}
zgUL|Kf{v`NW#Z9N7|M>}U)9=EQ}js-q{d%h!wl6X3%H0Z2^8f&^H;yqti4z6TNWc&
zDUU8YV(ZHA*34HHaj#C43PF<m2DoY_InyxnT#nQbdAIC5&)!sabH!!uF>Zq7a><f0
zgtG{pGT8+md}S0t4`>=PMmj4+?C4&l=Y-W1D#1VYvJ1~K%$&g-o*-heAgLXXIGRhU
zufonwl1R<@Kc8dPKkb`i<Tc2Ft*8|Y%hdxlha;A>5P9VFT_NOiRA=#tM0WX2Zut)_
zLjAl<azDfvq~H_KwlbAX@QUQH^9B7mGKnyS-1=w5);r`=sJqkPw~ttGrcw9@zpN33
zC6*)>JS1&nnrL8x8!o$G+*z|kmgv4DMjvfnvH)7s$X=-nQC3(eU!ioQwIkaXrl+58
z@v)uj$7>i`^#+Xu%21!F#AuX|6lD-uelN9ggShOX&ZIN+G#y5<zsBg0Jzu|^0arbz
zHZiy8&9{9<=}nzl@rOCs!y6zYzW)*J$?3ymq5#w^1&H{60|ozf&;t&27aM?KJHT_=
z<UdaNf1K`#u@jOYj3_~Jugv)kjhZ$C{)TR=WdUcB0>T0q+RL*(T(EP)(nP744-ML=
z+Rs3|2`L4I;b=WHwvKX_AD56GU+z92_Q9D*P|HjPYa$yW0o|NO{>4B1Uvq!T;g_N-
zAbNf%J0QBo1cL@iahigvWJ9~A4-glDJEK?>9*+GI6)I~UIWi>7ybj#%Po}yT6d6Li
z^AGh(W{NJwz#a~Qs!IvGKjqYir%cY1+8(5lFgGvl(nhFHc7H2^A(P}yeOa_;%+bh`
zcql{#E$kdu?yhRNS$iE@F8!9E5NISAlyeuOhRD)&xMf0gz^J927u5a<R_91y>K|P-
z>B%*9vSHy?L_q)OD>4+P;^tz4T>d(rqGI7Qp@@@EQ-v9<l3HhbAKAXS;d<mAzAm?%
zWxLu`9iXuSd^l-vs5}td&}`9WmHp3f-ddBjF%W>w-;n;7N05{)V4c7}&Y^!`kH3}Q
z4RtMV6gAARY~y$hG7uSbU|4hRMn97Dv0$Le@1jDIq&DKy{D$FOjqw{NruxivljBGw
zP4iM(4Nrz^^~;{QBD7TVrb6PB=B$<-e9!0QeE8lcZLdDeb?Gv$ePllO2jgy&FSbW*
zSDjDUV^=`S(Oo0;k(Idvzh}aXkfO)F6AqB?wWqYJw-<Q4@a(N2WiV(%Vq!M!1j2wJ
z!(_tjDZ}FRqGOyyFaZ=BcaPLacu6&odeD1kOs>1wOn5!{-ghaHb^v|B^92LmQ9QZj
zHA&X)fd%B$^+TQaM@FPXM$$DdW|Vl)4bM-#?Slb^qUX1`$Yh6Lhc4>9J$I4ba->f3
z9CeGO>T!W3w(){M{OJ+?9!MK68KovK#k9TSX#R?++W4A+N>W8nnk**6AB)e;rev=$
zN_+(?(YEX;vsZ{EkEGw%J#iJYgR8A}p+iW;c@V>Z1&K->wI>!x-+!0*pn|{f=XA7J
zfjw88LeeJgs4YI?&dHkBL|PRX`ULOIZlnniTUgo-k`2O2RXx4FC76;K^|ZC6WOAEw
zz~V0bZ29xe=!#Xk?*b{sjw+^8l0Koy+e7HjWXgmPa4sITz+$VP!YlJ$eyfi<KyWTm
zFcof9N;tvhj*k<(tO<;L#aIbBw`3X1?v|{U!$P^D+Bj~@or<|6qo%K?RMVEGhD~Ka
zJ4LTJE~}5brdzk+`%xg32ga4AN^7K}=mu{->3^6gGx6jZLpbUzX;!Z6K}aoc!1CRi
zB6Lhwt%-GMcUW;Yiy6Y7hX(2oksbsi;Z6k*=;y;1!taBcCNBXkhuVPTi+1N*z*}bf
z`R=&hH*Ck5oWz>FR~>MO$3dbDSJ!y|wrff-H$y(5KadrA_PR|rR>jS=*9&J*ykWLr
z-1Z^<F@{b4F$OXI9nXROeH=v7we7Mk%PT*bsvs`65Ve~Mk98j+>Q<W<ER>OxE=!6I
z%Bozo)mW7#2Hd$-`hzg=F@6*cNz^$#BbGlIf${ZV1ADc}sNl=B72g`41|F7JtZ^BT
z+y}nqn3Ug`2scS_{MjykPW2~*k$i6PhvvxJCW;n!SK5B8Rpm41fCEdy=ea-4F`rN5
zF>ClKp#4?}pI7eR#6U|}t`DA!GQJB7nT$HVV*{qPjIRU1Ou3W;I^pCt54o|ZHvWaH
zooFx9L%#yv)!P;^er5LCU$5@qXMhJ-*T5Ah8|}byGNU5oMp3V)yR;hWJKojJEregX
z<1UPt%&~=5OuP(|B{ty);vLdoe7o^?`tkQa7zoXKAW6D@lc<Y9BEsxR99CK?eu(Be
zGA=o2I=p|tu*T4PbHe2diyG42d8!n4Hg)n2a4xjc6z78^o#R>+FTzucotaOfJ!(Bm
zHE8f8j@6||lH`y2<&hP}Q1wr(=6ze0D6NRL{7QaE1=nTAzqjIeD}Be&@#_d*dyurz
z&L7xo-D9!dS`i>^GaIPArR@r=N#-ppIh!UBcb!N*?nLUO+*%C>_dCF1IH)q>5oT(t
zjQo{AoDB;mWL;3&;vTt?;bvJSj>^Gq4Jrh}S}D>G)+b!>oRDWI?c_d77$kF5ms{Gx
zak*>~*5AvaB-Xl)IgdZ<t6nEV?}Cne<P-n&MECe~i3&sd4ZANKmk95&dg5wNK})LG
zCB8Pla-X7EnslQM^yf-}PB(m;Y8753eJ&Ix-9#IThb=9p5d$-pGni+k$)lElNRT8S
z2KNbs1uGE`I0DL!MEBb)!?uqF-gPGn_4IgS%r?~h{NnAe9R=0vb^&$>^Cupv6HxQ0
zM(KPaDpPsPOd)e)aFw}|=tfzg@J1P8oJx2ZBY=g4>_G(Hkgld(u&~jN((eJ}5@b1}
zI(P7<P_r5po)9z#EH~syS!Kqb>j443AZj*I@%q!$JQ2?DZV47U!|Tt6_;tlb`mSP3
z74DE4#|1FMDqwYbT4P6#wSI%s?*wDc>)MR$4z9ZtJg04+CTUds>1JSDwI}=vpRoRR
zLqx(Tvf34CvkTMOPkoH~$CG~fSZb;(2S4Q6Vpe9G83V={hwQ>acu+MCX)@0i>Vd`%
z4I8Ye+7&Kcbh(*bN1etKmrpN)v|=eI+$oD=zzii6nP&w|kn2Y-f!(v<<k5@rT?>aE
zKmOz#{6PZB(8zD={il`RO6D}v(@mN_66KXUAEefgg|;VmBfP?UrfB$&zaRw7oanna
zkNmVGz4Vhd!vZSnp1(&_5^t;eSv6O771BloJAHi=Pnn+aa6y(e2iiE97uZ{evzQ^8
z*lN@ZYx<-hLXP^IuYLGf<01O*>nDp0fo;;Iyt`JADrxt7-jEF(vv_btyp6CT8=@5t
zm`I0lW+2+_xj2CRL|40kcYysuyYeiGihGe&a)yilqP}5h+^)m8$=mzrUe`$(?BIY>
zfF7-V10Gu0CkWF)wz04&hhI>es0NS7d`cnT`4y8K!wUAKv<L<7Nid8Jrumy4N;IHd
z0paO3I2Y8JehmMfgyduZhif4rEPfg6bIuG&hw$^v0?8-vhVwO#EmG$GgX(#!Qo@^$
z<m+!1?0<C_U%$N(<^XtW4bWV(|L;4D|JhsoHH4d!NAbN}oKfJyuv5AQ6CP*V90d}f
zAmSLHq0?s)+8ts_)0k~2xCrIz!|z4!`W4%My`pD0zopO9WOJw=zZ>$H<u&P)<#gp?
z(e?3pi^~6P4M{O2ae7SeM+!0{y+F5rpa@NvJB^`+VBA%_JCR{x-;!_%(V_^C$+0Fo
zP2ZY+=+UhgjNlCKH0JAQaN!lp>09fa>KeNQvwUNDT1zn}_*RHykC$CD%*h7vRCQ&Z
z4&N-!L>(@8i?K$l5)13n0%VPPV`iG7Q$2{1T3JypLSvN%1kX73goBIOEmg=Uf$9e?
zm}g>JFu}EQKH>|K!)m9teoCmTc`y2Ll}msZYyy0Pkqjeid66>DP_?C{KCw94lHvLW
z-+X!2YSm70s833lH0o+|A%Xwsw`@8lE3ia0n_Dve;LC7@I+i~@%$lD|3fNf&R6ob6
z@iGfx^OC4s`$|vO!0jTWwVpX;X^EqJF{i324I>N=f@u+rTN+xJGGR0LsCQc;iFD=F
zbZJrgOpS;04o^wP7HF5QBaJ$KJgS2V4u02ViWD=6+7rcu`uc&MOoyf%ZBU|gQZkUg
z<}ax>*Fo?d*77Ia)+{(`X45{a8>Bi$u-0BWSteyp#GJnTs?&k&<0NeHA$Qb3;SAJK
zl}<dpK~|?-2MdqSy$cG$9<5m0w^hpeS#3f_m*8b`Btwh>H*~eyD-0qHI3SEcn`_7d
zq@YRsFdBig+k490BZSQwW)j}~GvM7x>2ymO4zakaHZ!q6C2{fz^NvvD8+e%7?BQBH
z-}%B{oROo2+|6g%#+XmyyIJrK_(uEbg%MHlBn3^!&hWi+9c0iqM69enep#5FvV_^r
z?Yr(k*5FbG{==#CGI1zU0Wk{V?UGhB<Ctd|b<#lQNMxZ5VviiRyuMI#pIiZ2^|JDK
zO3L9dCXa}f;^Y$f(=pZwzVcA246lD95B`-WJHN6#wg7oz3xL9W|C>Bfv9<dD0O1Z5
zDLG^Xl+Vlhxug@ILjD1CqP%*c+=P&Df^gw{NCD&our?`fOtE5SV=k3X|F3}{5*{RU
zTN!|*CN{h6y&J|<rmSR8TqE6jhSOEc(c5Lq7H6jK^9P{S<*}s>HP9A-AmcJmL^f4S
zY3E2$WQa<os1kLE5}@;1pUY1%3gz3i)o@!9{w3g}zt-AjedDM>&n#WRQ5DOqty_Pu
z-NWQGCR^Hnu^Vo2rm`-M>zzf|uM<GnavRyT%^9&KYCGX1vzC+ZzJoBv;GM8?M7el_
zOj4`ATGTY0Qyjz0MsEJ+d7MkgeT7odVS~t|L2-3{W5|1Mb|4}HxM{J)D%=MF#!F5H
z$znU~W8GDE6~2jQuI4MQE(l2$c<!zZW}|ItOsYzO@}yDhw1^oS#npP$zC*=lO$*6U
zu88^KQNrO|Xq6jw-X@)K(8^m_c10_RPV^ic1Vi^D1e|SZ@=YeGkvwPwnwfN*rB9q%
z-*Y8R$pQNHhf+PC3yqmzyMhS)YhbF{OjKYv9*GLYu_9w+4+Wa?dcPq`6UO1E2Ny<B
znj!WtPptmhi%@C4^+Q3%$RaJ9LHRmD{p0<C-3^<mgR}Lr>CUd1X0{wISJL2Pp=AO5
zF@(50!g|SYw3n<_VP0T~`WUjtY**6Npphr5bD%i3#*p7h8$#;XTLJAt5J-x~O1~`z
z`2<a~bE>C~P4%XSI(JbrEmVMEwqdsa^aqXWg;A6KBn^jDxTl!}Q!^WhprL$kb(Iqq
zUS`i$tIPs#hdE-zAaMGoxcG?Z;RO2L0Y|gcjV_)FFo|e)MtTl`msLTwq>po$`H6_U
zhdWK97~M>idl9GE_WgobQkK_P85H_0jN?s3O)+m&68B`_;FnbZ3W*Qm++gh<gg&=e
zndjA>Ss7<TnPD^1F;1U(juVW9o>|T4b7m~VVV%j0gl`Iw!?+-9#Lsb!j3O%fSTVuK
z37V>qM81D+Atl};23`TqEAfEkQDpz$-1$e__>X2jN>xh@Sq)<Ygb_LJo1t>I6sj@<
ziJ^66GSmW9c%F7eu6&_t$UaLXF4KweZecS1ZiHPWy-$e_7`jVk74OS*!z=l#(CQ^K
zW-ke|g^&0o=hn+4uh-8lUh0><E4`l}*L0l`Mtr6!;{!8(D|F|5-srYFMx1S#{CLoi
z-u@yl4F$V%pqJZK;U+B~so`D@_w#Z-bY@Qn=YAO{w^pRVf-oYOD2(2OLZqnWR4`y=
zDh@E^+A7oBck(|Ajx3`M4sUxg)ut2KB~3O;R|I=v4>!VIXXnQXwKr>`94+2~<;+`k
z$|}QZ>#pm2g}8k*;)`@EnM~ZQtci%_$ink9t6`HP{gn}P1==;WDAld3JX?k%^GcTU
za>m|CH|UsyFhyJBwG5=`6562hkVRMQ=_ron-Vlm$4bG^GFz|Jh5mM{J1<Tk+4XYX(
ziO#`V$T`))Hnit$gsM99=Wj7wF~qPn*YlclqD|t>`!!hAr~8<bbVd`cJIuqidsrOf
zU2boSJkW~@abR_!UeoB!SbqQ;aILZszb&@Z!rjE#A2zjDGylM{@3Xh6m}m%7>F^w>
z^YhQ=c|bFn_6~9X$v(30v$5IX;#Nl-XXRPgs{g_~RS*znH^6Vhe}8>T?aMA|qfnWO
zQpf(wr^PfygfM+m2u!9}F|frrZPBQ!dh(varsYo!tCV)WA(Wn^_t=WR_G7cQU`AGx
zrK^B6<}9+$w;$vra<KXC!@9QY7p=NFCVMP6-P}~2^ZJJ3eFVYE6&4hIiV8E=s8tr#
z0#qZaEmZE!!D0z*QCvpKn7H8h!avhr%{lz@vGDf7f)P2r!v7rHVgu9Ko#EnO@3(an
z?_kW{_uoD`nVxH1<HCRHk*AAK{oz3Y8>)QWMKf_Tnqg93AMVZ6Qd=q6rdB{;ZhsoT
zWy9QhnpEnc@Dauz4<m19Rdfw8y;`Kav3Hx(A`<JMc*}%4lpGR%kQ5PjiVk{h>!8gq
zqDanAX#$^vf-4~ZqUJtSe?SO+Hmb?)l2#}v(8}2+P{ZZuhlib0$3G0|a5?JR<k*cm
zCmOOnj3(-HNh(i177pAS7^kL4T{>>QgUUP$HTE5hb`h>imq#7P+Y*-UVLm@9km|V#
zoigziFt$bxgQMwqKKhd!c--&ciywIED>faY3zHLrA{V#IA)!mq!FXxf?1coGK~N(b
zjwu*@2B1^(bzFVBJO`4EJ$=it!a0kbgUvPL;Er(0io{W4G7Bkqh)=g)uS|l0YfD}f
zaCJwY7vR-D=P9M68`cmtmQ^!F-$lt@0S|9G7cHgT13A0xMv)HmH#Z<4{~iYo_VOD{
z5!kU+>mUOvHouw+-y?*cNlUlDwD#;6ZvAIc$YcwG&qKZFh>EtM(Eda+w)E$HcfZyB
zG*$<*ae_ApE%gxWx%O^~XMnRSNLv<hmJFP&{*xkGgV^OrK?1kLgGbB96vK2H_jZxB
z{uSH8-Mbv9D(hh0ecU+E0xnSpq9S%5YU?hQTM<WFbb895&H6T9H6~AYhFscp!GJw{
z{CMJQRqzreX33n*BIQ<*tXMmj%uX7F>!y`g99F(J_m)spJAc95P|_joOIoru%atbw
z9PYgkcE*8x#)-W{>96KDl&74iW<<I5n&4tNuY!4LW89B#)kHmkF)^##PQ>#wrK)1s
zxzU{`rW5af+dT6Z@_1dG<}CtDMT`EGVEXSL_5D9)Z;6UJe-TW7)M?bY%E;8G?Yc!$
zic;F5=#dba^P~7f#qvC}Nd#XEo2r_UlgfR_`B2^W0QjXU?RAi$>f&{G_Lu8Fp0qDp
z?vAdm%z#3kcZmaJ@afooB=A@>8_N~O9Yzu=ZCEikM>UgU+{%>pPvmSNzGk@*jnc5~
z(Z#H4OL^gw>)gqZ!9X|3i4LAdp9vo)?F9QCR3##{BHoZ73Uk^Ha={2rc*TBijfKH-
z=$cZQdc<5%*$kV<JTwx?Wn(uqpL99S9cOqdlB;ZG*LbZg!Ka?Zx({N4L0>o|{+bL3
zEoU&tq*YPR)^y-SISeQNQ)YZ9v>Hm4O=J)lf(y=Yu1ao&zj#5GVGxyj%V%vl9}dw<
zO;@NRd4qe@Et}E@Q;SChBR2QPKll1{*5*jT*<$$5TywvC77vt=1=0xZ46>_17Yz<K
za?9xqEdfacW8D|@q#P8^coE6j8@zW82Rl*skXUzNg8|`yh_|Ez<QOHIO{ab;wb2c-
zpc&2NC#^0HqUf$geRxB?^^XHPc`tc7Av0*Fsu&&vziVbfs5<(8uABi0!43C-&I}FV
z-&W55n6DcDZ7%+wV{kPqHvqGABY$aluV=9L`#xwsLVyXOJzhO&qmkkF`Cm4Q(he{(
zvprb*xwWF0QQu|L&9)}$Bwh)8_64+>biBoDffH(1_qFP7v2SVhZmA_7JDB50t#C39
z8V<9(E?bVWI<7d6MzcS^w!XmZ**{AO!~DZNU<pxH8Gxh)IAIm+Zb48*U>)pgr=yY1
zT@!AapE;<gsI*}-Da?=g8*q;d%H8vD(W^0r;;DQ~9M)o3th<${vKD^}5=NW#KU?EW
zh23}<+!)o|kzYJhS~Gs6+Fv`Nc7^UGW4&INySD#A51Npo(p8<dNY)vnQ+cG9ZHrc+
zl4o|9<gkNL)hXxTut*3&t(VaXirZ1eRqB~JTtKwbWRVOKnCiI>yg&hmj*g{I3vd##
zx+d%^O?d%%?Dba|l~X6ZOW|>FPsrjPjn-h4swysH!RNJUWofC?K(^0uHrBPrH5#W>
zMn8^@USzjUucqo%+5&))Dnnw`5l1mp>roaA99Nkk4keZl2wAF7oa(!x?@8uGWzc5Q
zM}g`}zf-D@B6lVFYWmmJ8a+_%z8g$C7Ww~PD9&jk<nl<d;?|xUi{p(U084GCmBMN4
zGFuz{A+U((wpj+c-1uBvX}MHY&K*h!He!l}HpWWz2)-P%&c)+E+b7UeQ`E6LxLc(&
zc6B+<KTUcZqh_;&LwyjloJ7F&d>i08NY!b!fK288R;E?e3Z+Pk{is%HxQU`xu9+y5
zq?DWJD7kKp(B2J$t5Ij8-)?g!T9_n<&0L8F5-D0dp>9!Qnl#E{eDtkNo#lw6rMJG$
z9Gz_Z&a_6ie?;F1Y^6I$Mg9_sml@-z6t!YLr=ml<6{^U~UIbZUUa_zy>fBtR3Rpig
zc1kLSJj!rEJILzL^uE1mQ}hjMCkA|ZlWVC9T-#=~ip%McP%6QscEGlYLuUxDUC=aX
zCK@}@!_@~@<J?+9-)*r5I{=D}hCY%rx`sl0_Jw~le^&*!YtV{Hcj*S)H-E3`In)2X
z@^|b*1L53_m$vc^8UC-t_tNKpXue%JsK(b1D~gVeI4Sln9Kogfm*rF^X&ziLd*z|*
z8?>z;70I+Hp5#Tq4h#d4r!$Np1KhXkAGlY$ap7IZ9DY})&(xoTyle8^<LCYg6(aW6
zy%{G)o970SPj-Lqi=`UVC)3TsSh}>dBXbQUhPE6ehWHrfMh&0=d<)E2+pxvWo=@`^
zIk@;-$}a4zJmK;rnaC)^a1_a_ie7OE*|hYEq1<6EG>r}!XI9+(j>oe!fVBG%7d}?U
z#ja?<qnwPve_3NqgW-6u^A{BN$AWAUcc%hfdf~fcjO8U~dDHuIhK?hwRL&O0F9C#Q
z-1+<O?F7fmi1n1;O~sr-c755<5#4$DRB3kMKAEI%*{v`j6-MQM@6iP6WYqbe-L-L;
ztt=ir<wfn`c?aCGe=AJJQ?|^S)D4L1@S8qo4g5nO$SBF^3Pv@+G0;do?W!x*=0CFT
zatuYcOA+J(#Va~A59>T@`XO(;q~fe2CfFm-g8FbVD;O7y9c;J)k0>#q7z-%oMy4l+
zW>V~Y?s`NoXkBeHlXg&u*8B7)B%alfYcCriYwFQWeZ6Qre!4timF`d$=Y<a(i0bbn
zKKQ{1eJrnxk%*tB_~e&wjFNh9B`YBi?xJv8vE_t*m`2O+;wM0OBw`ShXE;A5a=EOw
ziuz5v={b#v!z9w34UO*k#3zI6`U`aXicVHS5m*U7q0_hGy}+oZI^{&qUgX})LWH$$
zFM;*!BOQ2rK`7%^m@zRQzT<~~ZzW0e3fx!1+_)vH*WPU`Z}uTeUM31rt~Wr#(`kK?
zxTNyj((17b{_2O}H##&<;pY6@7)vBPoWNi<&A@aDT$fR#Cc-mO#<cDOrOg{JHW<+t
z7S=So=BNY<aJbCqWh9z8J|e8ewbfTq$Nf{sB@+g_VD`Ykx~tk+%l*gjEHWqIc#crJ
zYOX{g;0<%K1cv6srUYVUKngF98;qQBFaDKF4Dl2wb7SUr+mD9z4TeOMN!zwi^Znb|
ziK)KiGi}l^Rbw@Hqcu@&ALE?t@BK3xTo(rXyZj0QC!VUX^L?1zeJM7hRJoigLqF4y
z^w9Bt2I=<pilTfE=wR;O<|23c>N~_fPM5Kc8P;B-WIDrg^-j=|{Szq6(TC)oa!V7y
zLmMFN1&0lM`+TC$7}on;!51{<RT@_E@K=fWPGZZOy3nPlPY7Q4(DMf`4E{jCC+%r3
zps5XExcdx;&M<;I#HN$~15vUU2_wI}?-N7%1?-jXo{IDm8{a|JN9;;Fv_>d^&M`UW
ztI$U4S&}_R?G;2sI)g4)uS-t}sbnRoXVwM!&vi3GfYsU?fSI5Hn2GCOJ5IpPZ%Y#+
z=l@;;{<jkPKiGwtaZ+-<{3t<FV4%X@eDZyH=iQ)K$S!-t3X#-#Bp6RZ+)0c!Auu42
zUy^EMbno8)OL|bs7?*|jXf97OIJfRyi|nrG{{TJKXz`<AdsrXVB#KdnT;RBVUqMEM
z@(~pWl<GifrPhq<btJ+rJaC;VTa6|5NlhuP@h&4t;k)JW<17q>XiY_r#^RJSr?s1)
z4b@ve?p5(@YTD-<%79-%w)Iv@!Nf+6F4F1`&t~S{b4!B3fl-!~58a~Uj~d4-xRt`k
zsmGHs$D~Wr&+DWK$cy07NH@_z(Ku8gdSN989efXqp<EP1Av}JofrdXN7or{^(Q&IP
zm&2WJP0w_xq@J1=aG|yuieS}MHm|W%J8&cO*DV<E7=I31!S?q2gp0E02*`AU(5%_w
zP-ZZ@<io<0zc(nFOi#5*h@8Cm5s)=51O=v4hwOw4U4&NrEk6R;8*+?MJ7(uz^V9*H
z)<<Yg?^qHzElXr9?AQ`GEmedXvgE~$y!7FJOsW}SO3UQ|6F5)+7e@47@9E!e;eS%z
zgbbWa02@$DY@IBe0c)xMJt?M8Ne8gz9e|3xts^2tR(H)%sWm&#lTIW25EA<X6G|Xu
zwjeMTEs{1&-7MazKOuCzOT*v?&3;BH?B(A~*7nrvGcX3WxLsy=U9LNsb-lknL-NDM
zC{5oG1fe#NROct<MaMxUyC}Qx%-4+lwiXuymkCy{aqdU3YXRx0UW|=)=frymbQ|_!
z6RE{*nz|sqlxT?YzuAtu$Gog>reBSw$I%17RdxoE<5C^N&9sk!s2b9*#}#v@O@Hgm
z2|U7Gs*@hu1JO$H(Mk)%buh~*>paY&Z|_AK<qFt@cXN))G(1YlcAPtmHj#~eco8p^
z;k=X}&?zo@O$8Z`ek!f=!-2z8e*=Ci->f-?cz6jlT-v<MB#)k)myih=`Ssh@;;x}J
zO=L&!7fiX11t$*%H7VB5wo{JZjW1%IgWgXvd6F(0HB0F91z5JWRqIufOuu_cLA**Z
zmmw%qTf|NDak07Z7<oRn7_*JC+4`$%N{E9m4lEff#9|JoZM34#AXTyroO(bML3A>6
zF>l9?C6EBRpV2&c1~{1$VeSA|G7T(VqyzZr&G>vm87oBq2S%H0D+RbZm}Z`t5Hf$C
zFn7<mF7Xu8aH7&p+*&39KYKi-7OJO{aHNxXz_(kUPiXO$h1pPLlg!bekftiGcm@|n
zyU(ScX{zKfs^svS;XTOg!KfKY**%|-W9{|s3#Gj(QB-;}YLd871P?8UA`w0!A7QzO
zWc7gLe$g*X1OM+=vmP*Ogr9g&xg9ao2KZPbx&pzMzUeef)Ls9B(UPZ{LX-@^?(2ZD
z*Z+U=^^chSPm-dhm%j2s>X*;R_<CwObRhq40Y8dd5<<dXNQ8l6-%BVUErnsW_sE=(
z!O55%E<r;dR?1ZB7kCT6)?R}f%i9(t4I`(jRGO@oHWn&3E^YD89&5@Qt(w|48ry2S
zoB*bqc<9JaF&R#mfSH)?(VOoPH^|n<_Q??t4d71}zL8pZFSq=ZVZAbUXAgY3rpEPs
z*E|~UI$I6~XuCv1s$RdQ4N69~cKH@=e_A|e27l4@UEM(7&fSRN9z5g2ewF7V;V0|_
z=12=mDl3(R0jywl;U)QpaAsH_PgBTqbB<5jq*;UWQu2(lrC~=|Se2^MPArRvD40tM
z$6+K3$?BZv_k1Lilvq+L^AWEgNXK;#OAeJA_E;9iRbUP&JMUDK3P(=3R7Wt=Xr>D^
z#Ug0tYczRP$s!6w<27;5Mw0QT3uNO5xY($|*-DoR1cq8H9l}_^O(=g5jLnbU5*SLx
zGpjfy(NPyjL`^Oln_$u<sR&ps8aH4yQp{NS*Q%a0(@~r)xRsM(JD)2?t_AvTl475@
zn)K3fs>I6(aEh(iS4G=$%0;n39C(iw79RlXG>W&8;R1h;oVaODw2nw^v{~`j(1K8$
z5pHKrj2wJhMfw0Sos}kyOS48Dw_~=ka$0ZPb!9=_FhfOx9NpMxd80!a-$dKOmOGDW
zi$G74Sd(-u8c!%35lL|GkyxZdlYUCML{V-Ovq{g}SXea9t`pYM^ioot&1_(85oVZ6
z<s?t5SIP|7m@nUo6dTqLSV$Mw1iMSK9^=Y!=}N7?-PaxM9#3DE^=sKgl9p=DV}~&@
zYdmLsN{tFAHLs}Iz)`3D?jriOYih|L;lqCLr?EMkk$H3Jm`S~ZH1^!;Tq-R#WnmdP
zf~|;k11U<Y>UhCw#HkfCg7mRT3|>99{swr3FlA@_$RnE?714^o;vps4j4}u=PfUAd
zMmV3j;Rogci^f!ms$Z;gqiy7>soQwo7clLNJ4=JAyrz;=*Yhe8q7<f70~h#PTjf4!
z`0u<%63_AFLQ|%)&bj!``Adogjy)l3r;m#MCF2Ll@`C+DbXll(5X*?|^R&zX-3nTi
zgX@_6?<66$SvPV}kNSPWYtA`Cqk&5%{)w!d%IT$Hwf29}8g}kIASctNu@^*I`02h;
z;~Bi)HM29<Bc+-vXFbX5<q1<Hn`1ta&DKiE4CIn%PI!-mi4Wl&UZ0*jccw<R`3d&%
zL@$iFZ>*$Du970BXW89Xyq92M4GSkNS-6uVN~Y4r7iG>{OyW=R?@DmRoi9GS^QtbP
zFy2DB`|uZTv8|ow|Jcz6?C=10U$*_l2oWiacRwyoLafS!EO%Lv8N-*U8V+2<_~eEA
zgPG-klSM19k%(%;3YM|>F||hE4>7GMA(GaOvZBrE{$t|Hvg(C2^<r300+*m%A4XsQ
zfiH7ngallK6VqHlYML1}?e$Oz<lC(8-7kHC&IxkJU#Gz3a)OPkV=(kNkLy0Bxm5A~
zcc{pE&{?zIUPuZ>PEs<HpN+yarVkty9riOIB=3P{s0uCLYa6`aQz_aV&@Rrup^a{T
zTUBku`R)w=_*fR7p+jOGP?y*LP$rd9b2(C7D2v%Rxkl8$A(2n!M(aM%FeOa}8QGbF
z`hPlm3$Ut|_I+4HLP9|4?(R<M?(W!hONW$ncXxw;G}0m6-6;(sU4jVwx4+|g@oas4
z&-X2^b#36<bKf(w*3>i4+)w#P4jE2XDi2SBm1?<Kqf$kM@%mEPmcN#r-lwaPc=Mg)
z*m-p&Aw#uy3e*D=c!Su=D$*H%aU(oSf)=;R&*{PKh6q%|{w38RYSi*@a6tKAc<inN
zNb4RNNbAl69}bKaO(;chUy82_j5pdyDGnGe@=oYiVf%)@Zc6rOz-<ulQKo}s<`}k$
zz=)K6#!b71jt^)jDE!kxeOg_~;&1!o1GGpA6mm3Kczg<;zQP~%kv}k=HpQ5r@<`cd
zb!k6jFf8v1D)wJ97HgyDlElP>6NiSkOp-IT<|r}L9)4tLI_KJ*GKhv16IV}An+Jyx
z=Mk`vCXkt-qg|ah5=GD;g5<swWwFJHTUMQ?a%|=(gV}~ftE<qvKh(Z1Rar-oEJY08
zphNLm!uC|e04aV}K+`%33%)`8C7_Qi{)BB1Owc-76aG3*%cRe0&&9-LwVv~O!*$1A
ze4@(brH@f8wSP}01~4{G$#xd0GrC=&J7=yV@ZgzSsTgY&OlJZ4K`>gZQugsv!#)$@
zkE=6=6W9u9VWiGjr|MgyF<&XcKX&S3oN{c{jt-*1HHaQgY({yjZiWW97rha^TxZy<
z2%-5X;0EBP>(Y9|x*603*Pz-eMF5*#4M;F`QjTBH>r<Tu44nq(OCKtpe>rO$r3iz5
z?_nH<vaQE^^u_XG(5Lr(oB6nao4oQ=8KZ&JS)ZJ;U$^j52(`Qhcb3d1zaXxH?Z+kK
zo{eCoc#L2r61&TkC9Kh*^Ll2d0jYxGOHsw95>ysyjnizhZQMXo1gz7b{p`yZ8Q78^
zFJ3&CzM9fzAqb6ac}@00d*zjW`)TBzL=s$M`X*0{z8$pkd2@#4CGyKEhzq<e3VICa
zVXrK@mmDpkVLJj>QR!7*Lo@mhw`yNEE6~+nF3p;Qp;x#-C)N5qQD)z#rmZ#)g*~Nk
z)#HPdF_V$0wlJ4f3HFy&fTB#7Iq|HwGdd#P3k=p3dcpfCfn$O)<o&8NigX+IQx(_k
zt!6Q*5R+hsCh4Y5&L}(2M7@TsP%b<s3-cE9`BP8(x0*Zxu|;tEsxvN1!CX^JH+%d{
z#%PF!5ur~~Lz^$}zXbQdR+-dsE=BRoSrrP_RT)>C7;y;;J4Za_;+DEH%|8nKwnWcD
zBgHX)JrDRqtn(hC+?fV5QVpv1^3=t2!q~AVwMBXohuW@6p`!h>>C58%sth4+Baw|u
zh&>N1`t(FHKv(P+@nT$Mvcl){&d%Y5dx|&jkUxjpUO3ii1*^l<K6aNn&v)ViNI=Dr
ztm6c`Y(E;r83@Bjjq?m89qD)2N8WVbZnT@Rqwk`qe%u_QX;6s(1_KFnNvb;9|KvKq
zdzV4af>$zCE*>59`AvAja%`Bfry-`?(Oo?5wY|b4YM0lC?*o7_G$QC~QwKslQTWac
z#;%`sWIt8-mVa1|2KH=u!^ukn-3xyQcm4@|+Ra&~nNBi0F81BZT$XgH@$2h2wk2W%
znp<w2i)e>o1OZuQ1N>bX52II+lsnQ`WVUxmZ?4fR_f0243_m`mbc3`?iy*HBJI)p2
z`GQ{`uS;@;e1COn-vgE2D!>EheLBCF-+ok-x5X8Cu>4H}98dH^O(VlqQwE>jlLcs>
zNG`aSgDNHnH8zWw?h!<tB)vN)5FY@JvMJNFRSGqQ)8Y6+POoR72O@Ig1amD;pbM}A
z!_G?aSt=r|UNn^U7MVI;joP{9U6+jGunRq9JBhz0DQl2OWLL^=?3M-W(HD3y4YIDj
zts@CkCLg5q>tye^aN|%>@k;h`Z_H6*py3hHO^6PE1-GSbkhG%wg;+vVo&dc)3~9&`
zPtZtJyCqCdrFUIEt%Gs_?J``ycD16pKm^bZn>4xq3i>9{b`Ri6y<g65g>H|K>kfC;
zI5l&P)4NHPR)*R0DUcyB4!|2cir(Y1&Bsn3X8v4D(#QW<drU=}`!M~>8Dtv@D)CCO
zadQC85Zy=Rkrhm9&csynbm>B_nwMTFah9ETd<oWfFWz$bNGQ;eULeJVXJ<f7A9L45
zz2(RndIlv@ndf(ylJ5dB@f_#i*f_<xdRxxiY#<f0XG}~)k}3h-pn*{5Wf+rkTNVfU
zvu7LcI^RM=F>NcLU@J{haekA|9*DA2pY&A|FS*L!*O+>@Q$00FeL+2lg2NWLITxH5
z0l;yj=vQWI@q~jVn~+5MG!mV@Y`gE958tV#UcO#56<kOrH+so9B!Y&j2j%NPHe&Kt
z*Jlv04zu4KkKUnN@2v|A_s~D)D~i}2TX9VI`eb&ulUJY3bIAP`=W_MQ<p6TmCi3~9
zR#!gE)1vNaJJy(qr<zWLByJV5kQKURonRb61RNn2oARD`y%(o&)^UlpvCR>hn>b69
zM;lq+P@M<xt{ZP2IVZlQmaF6)dV;0T>W=cIvIXkQmKS$*7l|}AW%6zETA2b`qD*cL
z(=k4-4=t<W8Q>6FzQo#uMXVwF{4HvE%%tGbiOlO)Q3<z@q8w;^CEVc#*w>Y6D<5W$
z9pm>%TBUI99MC`N9S$crpOCr4sW<X@hV&j6o?mAg;rC>JHP)$Zg#N<bE4!*`Hm2T=
z5r3kQe#GwXxWTu&KEtE5F89pZOnr%ScQ_|6s2i!Oem1r{mi@4bd|9F-80WNw;hloq
ztW<@XG@{uj{gHBv_JxQ5>Xa~j?WeVo03P3}_w%##A@F|Bjo-nNxJZX%lbcyQtG8sO
zWKHes>38e-!hu1$6VvY+W-z?<942r=i&i<88UGWdQHuMQjWC-rs$7xE<e><_-PNgC
z_aIqBfG^4puRkogKc%I-rLIVF=M8jCh?C4!M|Q=_kO&3gwwjv$ay{FUDs?k7xr%jD
zHreor1+#e1_;6|2wGPtz$``x}nzWQFj8V&Wm8Tu#oaqM<$BLh+Xis=Tt+bzEpC}w)
z_c&qJ6u&eWHDb<>p;%F_>|`0p6kXYpw0B_3sIT@!=fWHH`M{FYdkF}*CxT|`v%pvx
z#F#^4tdS0|O9M1#db<blyW@3UaX=m-VC3C*AzpL%Zt@gt;JJjmzbO>%MF(5Opy;i(
zL(Pc2aM4*f_Bme@o{xMrsO=)&>YKQw+)P-`FwEHR4vjU>#9~X7ElQ#sRMjR^Cd)wl
zg^67Bgn9CK=WP%Ar>T4J<WQ3|95lNv@(iOW)=p_LUL!1-VhctD*z|@+j`co`Z66v!
z`^J+M`P0R<B6PayFir_vpL#_kCgB2Hfy(fZ`D(OZ){RgJUm9WP5I9_=8@>!}DcLDe
z=ehSmTp##KyQ78cmArL=IjOD6+n@jHCbOatm)#4l$t5YV?q-J86T&;>lEyK&9(XLh
zr{kPuX+P8LN%rd%8&&Ia)iKX_%=j`Mr*)c)cO1`-B$XBvoT3yQCDKA>8F0KL$GpHL
zPe?6dkE&T+VX=<EEjvDP6;>uJOjXyrq$BQ`a8H@wN1%0nw4qBI$2zBx)ID^6;Ux+?
z<t2Ij61D<6$bR>u{?X$_1hoz9d^jkDJpT-N6+HDNo%^MQ2~yqsSBJj4@5;|<UR`pr
zmGgR>1@w+BE04#@Jo4I63<~?O?ok%g%vQakTJKpMsk&oeVES1>cnaF7ZkFpqN6lx`
zzD+YhR%wq2DP0fJCNC}CXK`g{AA6*}!O}%#0!Tdho4ooh&a5&{xtcFmjO4%Kj$f(1
zTk||{u|*?tAT{{<)?PmD_$JVA;dw;UF+x~|!q-EE*Oy?gFIlB*^``@ob2VL?rogtP
z0M34@?<n^#kB5}f662tf-FPK7+=$$^thQJ_=0e1;hhQ6iIZGfFw7z@lxmVdxQ!#YD
z@@+IDMv|25+N!a_rCLgW@%EzHQeAiFUBy6#_b&Y<Vx~v$D%CCO9<Fm)nU)Mm7hLx(
z+OBhjHD+ka+uR|MOWPrSpW8<_sF$kMvQ>2$;}n;^OAV2?o|zHg`+@Adk+&@Syd!rS
zWvW$e5w{onua4sp+jHuJ&olMz#V53Z5y-FkcJDz>Wk%_J>COk5<0ya*aZLZl9LH}A
zJhJ`Q-n9K+c8=0`FWE^x^xn4Fa7PDUc;v2+us(dSaoIUR4D#QQh91R!${|j{)=Zy1
zG;hqgdhSklM-VKL6HNC3&B(p1B)2Nshe7)F=-HBe=8o%OhK1MN*Gq6dBuPvqDRVJ{
z;zVNY?wSB%W0s^OMR_HL(Ws)va7eWGF*MWx<1wG7hZ}o=B62D?i|&0b1<IN$XX^T5
z%N70y9}Uqn!<;jV>4_7UG287YDr%?aYMMpeCkY1i`b+H!J9sqrvKc<L)uh7BYtp$7
zYI<!fmPPG_ASTr99~(~+PA}ncJZBQ?zzQuZe0K(a=Q&Avvvj5@5|G_LL3Njq`V7sn
zdf%<~EuFL#J#oEiV!xvl<9P$2kDP5VAd93fXChCQ#nOSmIT%G(2uky?4Qo5owmXID
zPAT@9%6D<uJTww5Ja3&599`v^?a;}l{us=_Wtuw*M$fZqKYpqvO`YjRlffDE!{g+5
zVdH3imDV!Daaif@$DR7rx0Nn5OU^lipTe=3Ner}<ZD~S<wM>#Y6c8At@QiLSwj)<?
z9DFyN;{iDvLI|AY0%>@ifz~Z|c$lOMA@?cPqFRmZ%_>bz2X4(B=`^3;MDjsEeAO=?
zSoD&+L>A|fGt7+6kF2@LqhL06sD%|~YsIe=EcWqy{e_61N_D(*CacnMvyXMjP87HI
z4PT6!$fzxx{}=>jeqzkkoN+!r9e|@lZUN4pn(T28v`k=_vIhTn^i9O3qTqd)-%!QQ
z<jd9AM{1@GwcZVg<oQg*6vUa`*N7fm@6=<JHmDT7;wr~7?PE;ryAmsxO3!F)HdDJZ
zZ!QzyVesZ-HR*BPFuEi5(@$^b*$~XJQiKDz`*!s!?0jTk#y+Jfp`+uM$1-O~4B%yX
z+cTq@3cZxR=L2UN^929r#)5p0epn*#txp3Qq5sue|JMuum+kq-?!4lG4Dc8x&m=-E
zHI?>YB6*6B@&b(!#X4C~59SLZuorNU_wWZA36{>O%iX)VS5NNZh49C_ppI>?)<pHg
zoC~M~7N1<%@2qgyAM)&s4At>wwml}_0MLzOXT>lmo#&Ew6d?mu8~~I_^4VGBQtC<b
z$ksvC_Au5I^}~oep6LYDHQgU=CfBT&wctG#OGlZ`U53Xlwd_zWXP=>Ake;RQa5DL`
z1PFDPsKb3CS$v;RhlQ1J@AHa1VRuuxp}NOIvrC>4$$A0Ix0VpAc0lfG%8{mR{TRQ(
zbXM#1Tci3H*Wt>cVuMta^6^z`=^B@j+YhJqq9?>zZPxyg2U(wvod=uwJs{8gtpyab
zXHQX<0FOGW6+dw&%c_qMUOI^+Rnb?&HB7Fee|33p4#8i>%_ev(aTm7N1f#6lV%28O
zQ`tQh$VDjy8x(Lh#$rg1Kco$Bw%gULq+lc4$&HFGvLMO30QBSDvZ#*~hEHVZ`5=Kw
z3y^9D512@P%d~s{x!lrHeL4!TzL`9(ITC97`Cwnn8PSdxPG@0_v{No|kfu3DbtF}K
zuoP+88j4dP+Bn7hlGwU$BJy+LN6g&d3HJWMAd1P9xCXG-_P)raipYg5R{KQO$j;I9
z1y1cw#13K|&kfsRZ@qQC<>j=|OC?*v1|VrY$s=2!{}e33aQcZghqc@YsHKq^)kpkg
z><rgHH|yOI5lM&60F%aLmgk4vw(wR1EIb5`i$0Au5`<D^w)OTd#h}+IH6bl|l~ASd
zLvu(rRS+}&bCyqZ2wVl~^^prNkrvH9d*H8$eC}I=Lk<&VlA|Xu!EY|<BPc7hfuH3{
zimrE3hw4oVADm#2l1S}++Z=<wd?>B;CWNX+K=u|y#N)O>n5YuyvPl5cO6B^scmG?J
z<KOI{m8vYOVhJPPOIHCptG0+(@oDno9z%+WYeJZ3o5CpRcLo;t)SxsGOR8ZyZ5#$b
zw(a#c9c64Zm4A&1!R7I|JUTv-JF-k*?(bpUN=jpL-X2NkYP)G-a=sjG^STB9fZ|TI
z2KStBC4MY)u~}R~ttZ4!`Q6EyTl1IJpg2DjV&bKCsOK}4;{gbj^8rouy{R|+?!@hZ
zrT8zc1rczMy*pB^4vA?9JM$^^MTHWwjZ`LC+#=fXFtkk&w}E=6W6@I%j`<aBr76yF
z2iRr;;zXsJGboB12C5WuO)1^<>C8ix)E1P<X_%5bHEQmQRnjC@<;fyCELPI*x5IBe
zghy@a&H_C7B&O2<y933&B7r5YnoJG>lhNaw8FpD+b|D$z`Id^4)rJe78MNiBga?Z-
z0$L&MRTieSB1_E#KaN*H#Ns1}?zOA%Ybr{G+Sn3moXTVZj=L`nt?D&-MjOMz-Yq&@
z$P3h23d_F8Dcf*?txX7}p>nM<l{Qn?uEgn@yf~}YdEK1CaY|S)sKm5%E_A>*s+65t
z1il8bHHsBynUK|aEXSjzY6sz1nZ%|%XeWTcGLRyRl@q4YAR)JovbdTTY&7u>@}28A
zgV^<e**a7WuD0_57|#$M-bDY4Dl!_>Npp<sAnkx7os>?}I!?3K7IXu9ml-Lw;w@9m
zBYTeU+Seh8uJ-w?4e_6byq0f7>O3xm<T-=IFd&#pS0-Fods9njUMwYsRqq<?zWYLD
zfQV)Ux0VAf-GhE9#2pvi*%}6TncJD=b`5tFqkr(+7|GT8HW*ql076rUzXuFAn0$b}
ztB~=fV48IwJVxdQEM(u+^GG9i|8m!}@Gx>(hO}Y=fgU5^vW|>0yQ^0+?}LT55ei$i
zzlU-iRbd8TRX9Ept<Y_yCY)9AN#@44E0QQ@l+Wm>%h%ariV=%u%F@@FA>U*XdA<Yz
zYB4@$IL70Mq*UiYdF!wju0Kb}PJtpQQvXI<J8O>alcH%>#5_a&w)g`<dBOnWNnH-A
z)lTdxEzfBq6Cw*wE~=_CdPlgv%<-3OKBrm26@_ub2DA4t-_B!rBRHZ>uW%3}m?vP-
zc5}DkuF6ruKDwEYj+2YTSQ9=rkp19U5P@(zRm(nLod(sG9{~nw1BUoS2OFDXa{xfw
zZ~UaZLFUZxfQ*9?_X?*~`d;nn-BbaefLJ`DT13KF6?T5Mnt;v5d>H}s)aAIzJcs#B
z|CuXPJKww}hWBKsUfks#Kh$)ptp?5U1b@ttXFRbe_BZ&_R9XC6CA4WhWhMUE9Y2H4
z{w#CBCR<)Fd1M;mx*m?Z=L-^1kv1WKtqG(BjMiR4M^5yN4rlFM6oGUS2Wf~7Z@e*-
ze84Vr`Bmi!(a1y}-m^HHMpbAiKPVEv<svW7U^@p-C~aOLvRc5ptq-Alx_+3VLn`vT
z$Arz4y`QO%gQ^)TU&5;~ub7;p4l60Z!kSr0$0Tamnl#x6jaDz5FuP`OnuT?gam3fh
zW-E3aE=~5{^<i!iqEDAEgjm^e(`^Zl3sQqfd^*9z4K~ILcPZAUdvFIn#Zy+03^i4d
zQ0rAf=8gKh!XB~PebW8sh##BYjM5Ao@$rEpKJ~9X;V&+D|8QYf)cilih1xor1HybQ
zWPWnAY?^@(v}U=ICkzB;U3rkcuLQZ&1HKRSG)P`Bqol1@S-}!fLLQf*7^C~N`N-n#
z$>|(7=|}D#Ihfk+-S5Hlkf<mO<>ch02z&$(zS3vrYz2g*ic{xBy~*gIp(eG}^gMc7
zPu2Eivnp@BH3SOgx!aJXttx*()!=2)%Bf$Gs^4cCs@)=(PJNxhH5lVY&qSZ<ermz;
z*AW$ATa5X{5*^QV)cKip=adjN-+zu<Qbj`b8aKDJ-$7YqrHCn=V==a76z#J|4|C=6
ziQA;AHP{X4+#{W}C>Yaa?A^LhZW`B9(N?fx<^gCb(VE%3QpA*_Pohgp6vCB36iVaq
zc1TI%L2Le?kuv?6Dq`H+W>AqnjyEzUBK948|DB|)U0_4DzWF#7L{agwo%y$hC>->r
z4|_g_6ZC!n2=GF4RqVh6$$reQ(bG0K)i9(oC1t6kY)R@DNxicxGxejwL2sB<>l#w4
zE$QkyFI^(kZ#eE5srv*JDRIqRp2Totc8I%{jWhC$GrPWVc&gE1(8#?k!xDEQ)Tu~e
zdU@aD8enALmN@%1FmWUz;4p}41)@c>Fg}1vv~q>xD}KC#sF|L&FU);^Ye|Q;1#^ps
z)WmmdQI2;%?S%6i86-GD88>r|(nJackvJ#50vG6fm$1GWf*f6>oBiDKG0Kkw<U}GI
zL^YF-xy$sYcJMmiN0ngM(V(;uc)nRNAg-<2BZ%P*)kWkIK)?XHJSmc`?IKMeee=02
z(zZ=v_AxI~%FVp$EfT<efis=BFx^Xmds6b*A?AKP<|2-I4XThUW&>b17KPnS%7CKb
zB7$V58cTd8x*NXg=uEX8Man_cDu;)4+P}<f?2h4JBG{uqPK9;88sh{0wi3bcn?YjF
z^|SE#+I9}S_<Im1WVZg0@?>BuC<Z#C{(lf6;dchu8U3}j{gVnnsj@ck@Dn0Wop$4a
zQzc6Fn;?A(fkDx1$Y=x<Vtp}8<{~qnS9J#(Xmw57hcl6x>vYH6P|`x-#CMOp;%u$e
z&BZNHgXz-KlbLp;j)s<RuYu0Dk0j^92qMJcIT=sQByuycFbf!R2}09C)Zr<&m8ngG
z0P@{2A&&){_n0x4%21>i^~BI{<VR;A%GE_$&6BTtwdzHzZV-&q3D$YomWT8a9H7dS
z$%$Wg)<_@Gc6KJ~xm38<4rN(#v6!<GfV&NgbR){Tbm#Q(jThOK4Ea-d@V@PH!cd6R
zd0k-es%5)FmCAJ~x4G3~F<`E?{xhbZCj36*WNPr8MOFJp6}VGB=P&?z3I*=5D)%ef
zrVKh)paJ6Zd?6fwcCTu!j5xfj@(cEjAHHYt{7uWQ57*1(0u{TI9P|C8Qx^s8U5KJA
zBJaG2P_>!yNLWs5fK+!##G;yVWq|<>7TlosfaWN-;C@oag~V`3rZM_HN`kpF`u1p#
ztNTl4`j*Lf>>3NIoiu{ZrM9&E5H~ozq-Qz@Lkbp-xdm>FbHQ2KCc8WD7kt?=R*kG#
z!rQ178&ZoU(~U<;lsg@n216Ze3rB2FwqjbZ=u|J?nN%<4J9(Bl(90xevE|7ejUYm9
zg@E_xX}u2d%O1mpA2XzjRwWinvSeg)gHABeMH(2!A^g@~4l%8e0WWAkBvv60Cr>TR
zQB1%EQ<IS=62wktFl3@bq?<$7Fi$7<vgVpF%7SI3{e{_?kPXB}oJoDi)6AVm9yCe>
zUoZeUdqjh+1gFo6h~C~z#A57mf5i<Z>bmq$y_uVtA_kWv8X)CzfVEooDaY!#P?5$Y
zGPKXbE<75nc%D-|w4OrP#;87oL@2^4+sxKah;a-5&z_&SUf~-z(1}bP=tM^GYtR3a
z!x4zjSa^)KWG6jxfUI#{<26g$iAI;o_+B{LXY@WfWEdEl6%#8s3@b`?&Tm#aSK!~|
z^%DdrXnijW`d!ajWuKApw&{L+WCPpFialo&^dZ9jC7A%BO`2ZF&YUDe;Yu|zFuv`2
z)BE*7Lkay)M7uohJ)446X``0x0%PzPTWY92`1Oq4a2D_7V0wypPnXFR)WM0IlFgg@
zqz#hv<D0q2`XDaeeh`;vW;a@)LS>2xJEQL8eu}O;e(w4rSA?5|eZHbS6jEN<LYrmK
zS>ytJBq59?bOf>Wrl8<u806q;G;j++Cn$-#N@*)|YQ1Oc1>ySZH36H(6fGR#vHM6q
zn}!7!I@4$*+LFXs{x?|=q2*QtYT%Lw3+5(8uc0j8o3}TrG(zSV#>4wo6~)u|R+Yx#
z?0$AspZDjv{df<u+~yn3WB3HDes|!>v417~C17Oy%Fal{%+B6H(NX`$Bl>II-L3N3
zZc+sKZbqewU*&_Xt;9k=%4*aVYBvE1n&JZS7Uqjd%n8nOQmzh^x#vWK{;In~=QO)g
zT-n3OU(1<pC%^0p(x=6TZRnBNp&Ne%Y8tlj>@3QfL|$g1d2xeBb@O15Rl0<wkYLDD
z+ie<()sq`w;04+|&9rf+B&EVGd3>1+hmpup2De7p%Yrd$E7(In!*R+;IJZh}v!svi
z;7N~pq8<?3Y@|9}TxvDz@LqvwilszncIcoPuvf?2l)cCypvx@P+0bR<xPW)Z*}?M4
zdDSjh8q#cdVFp76x>KZDXXap0qd_D=Y^B)rz4S0^SF=&v6YYTAV$ad43#x!+n~-6<
zK{8*vWoAdW(gGGt&URD}@g6tMoY(+Lw=vvxhfIIK9AjvNF_(W}1Rxn(mp;tJfDV<0
zbJN0t(@Xb8UeO{&T{$$uDrs7)j$}=?WsuDl+T2N5Y<4TMHGOMcocPr$%~(yvtKv(n
z`U96d!D0cb9>Dx2zz$m&lAhazs%UeR^K*gb>d8CPs+?qlpfA;t{InX<O#)_wb~ZJz
zOhlV1HZTS-A}6%HRsloNhRCT$<a1q#*t!(tfKY;MvTUEGs}w*#+XT*;w;2zk8}UYw
zZvt{!yPw_#j^N(vBPyr&>a)^2ryC(FU(Zc6Xbnnh`lg`K&g^JeS>}^c0MJKUCfV+~
z<?PrWsmA0`k*MHcTSYZ^SNU>V(EN0Z5ztoN;hqcj!8V+VRbSltJ<~|y`U+9#wv|~H
zNE!j9uXa=dec@JQSgJ6N6@Il&tzCBJv9#ldR`Lm*<)YwH4tdlAlG0Fl8Nfa(J~<et
z>c%DQ2AA-}x8D=p(l#n1+hgx;N;1Aq?lq@{Lt9FKu89CjnnHD1G_@p;%L<QHk<<H#
z%Q>p`+b@ttb33!E_Xt;QUD9~nRQl&xAro9-{+&6^ljK2f-d>&q<xz}hO>y&d#0xwH
z@slNv@ULKp!Cf*JHuS@#4c?F->WjPc)yiuSargAIEg>muRxzY?Hzdq@G5CS)U1*Et
zE2SLh=@DI1J(guiy2Igq(?(xI9WL%g^f@{5Hmr|!Qz4`vn|LjrtO=b~I6~5EU5Fxy
z;-#<)6w#<N5=AghGQ%g7({wVc#=`dCLpXV5h7n_i_A0Szj?Fpl7Bn=iuV=WGtR6Uu
zNu&$<aar<@2rLPLnQ=VQHv9D;70`**YaQz!mx@i<tJ2gK&Scqi7A(<=BTPK&WDwnB
za&}mmmJHiIiN4{Xt$&GnOmI<>w=DkpSthAu+E;OL?!?6C9Mwt*o(@68(Jhvs-eX4V
z=d=>HI|`3J%H5X|gSrC8KH^IL?h5=3ID6svwHH@(wRbSG`Zsor^q4`3PCn#-(YX?<
z_q8+T)51$E0xyKR{L!LN(G=+9K6$3#PDT^IAe|Igkx=!4#rqKWoXiZdh`&ocjp=Ok
zemJe6*{it~>;sr(B0fSmp(S#*y5I0)OOz~Oe6Im+($S}e3tyx7Y6pA8vKCBmSEQDa
zLfkm*;uMbTLpcR0)tF_v-lbK%`5>POyI2E(!)2=Rj0p;WKi=|UNt6HsQv0xR3QIK9
zsew(AFyzH!7Azxum{%VC^`cqhGdGbABGQ4cYdNBPTx+XpJ=NUEDeP^e^w^AOE1pQI
zP{Us-sk!v$gj}@684E!uWjzvpoF|%v-6hwnitN1sCSg@(>RDCVgU8Ile_-xX`hL6u
zzI4*Q)AVu(-ef8{#~P9STQ5t|qIMRoh&S?7Oq+cL6vxG?{NUr@k(~7^%w)<J@%A@#
zd>P6nPbDa~4Jw}*p-|cT4p1?)!c0FoB(^DNJ+FDg+LoP6=RgB7Or673WD5MG&C!4<
zerd6<aS!6%omMUG1rB_ibwC3Z<FAkOr-Av0C-5&b(0Ijm>q$ODkBvFoy*%cpHGKSt
z3uDC6Sc=x<LEuPYV)CJJ#eplV!COGThUp&RV_B{GH(lNctGS5PP8t)W3PB`p#!e<H
z&2`mxw>vv@kDzRD)aIO`x}BaWLycA%<XY$Q_q9GVL~J84+zWr<Ganp)3n;}BJ36+T
z`Z86y8`!LHC<2a@0gbZjQf1m>(w-D`Pd+uL*rL|etagQ;U&xt_9?7#}=}5HI)cU-0
z%pMA`>Xb7s)|Y)4HKSZOu;{lg=KjeIyXb0{@EM`FTDkLRH`!W%z*lQJ74P%Ka76)H
zblrSIzf+dMWbO`g;=(b@{pS)zUcO&GrIFe%&?YeX4r8B2bBArB%-5ZrQ+vonr%AYy
z1+u0*K{UVUmV>h5vD!F;6}a%KdMZQLs04oGkp<Pp5IZ^H15**bp}t?2!g>iaC)zI(
zT2U9qta5o|6Y+It1)sE8>u&0)W~l$NX@ZQ8UZfB=`($EW6?FT%<IH$}PfK)-mk4_P
zM2R%A;4_B^=pW}8R*%_A(E0^3ZUs_4IKk5=Kb3eYmuv+yu}vu`$TpaKMBldJqb{z;
zIuVCVdUCjq8w56cf)C~yB)uDYvYVpK6nxz>{EoRhOrb9)z@3r8y?Z99FNLDE;7V=Q
zotj&igu*Rh^VQn3MQKBq!T{yTwGhn1YL6k*?j?{_ek5xe8#i#GG4S-a_Re2lssG!}
z`Y-d0BcOdB@!m?4y&hMN68}#0-IIlm_xO)d#}ugX{q^OZe{-@LeJyv`cY&ze4t2~!
zKb{qX-j;kt{?gC(vW%}X4pm@1F?~LH{^Q8d@X$dy@5ff~p!J3zmA>H`A)y+6RB_h*
zZfIO+bd=*LiymR<B*bH}4|&jZ1;Rlt)T_a7*adShM5rJM;aVs<hX!30`%#oQG{-jm
zD&ObtHpCT_P=%-~4Wp~enl~CtGYwtLvfj^jpzaLp>w{asW%xxaVl33_xtdVrrqIPn
zc@y8oMJvNtgcO~4i0`f)GCFkWY8EF?4duLVjHTdb6oYLnO9}Q-pe{CKQJL)hV8)JI
z$mVA0Dq&7Z1TbYdSC(WbJ+IBjXngZTu&I+vHF|>Zo$757{8lL;8Zr-Exkf?3jzN5k
z_d<rMUMzxj_t06F^6GdZlck$oF?EfDxYJCXv!(uHV~h_Kt`vB!PA>9I>{>^J?!l)<
zNd$7E9FVrta}3qy3L7Ys$^fRWNuu^hs^{*eXvazd&+Q*?lTfc>2+EdP(o0P_Z05HX
zVKsfFAQ{t^CRu~Dw(CuJ>tvx*p$5@flA>QRl455b&{*U?xU8`)nF2T$uu_(l8VNtq
z?pBiRQIckGzk8W&SFSB=g6eG`<XB)>ZC;6v9w`?eF*S}3E@N`2ropeHP<uVaPLTC%
zqy$w^_c}_<gmvnjqf4z8v7W!kbnw_pCaVr@HqPLVRLgLa+U(mBw1Y1YkfZY`o(ZmI
zd$;9N{-eGjxL*hB#@*grySry0?F595vZc)8)T9=+q`pOl^9Z0qhdJuJjlQIHm{=Ha
zw0sV438TXrP8;JG9kFkVG7FZP+b_fzpy`n6`xQ+37%?1*xBUVl<5-os{un%b(3f|O
z_e}*Zp|oPuL9Xl3qjk<Yt~bs+$fVKCE^jU8x$L?}!RFx>)E}o?qJkyVEI;K$!)bWY
zt9>4WmDVJh7U~m$|K`T#hF!v|znj^=M;69uXrFys#51XT;DbMr4H)>7UQ1e2(cuQf
z4kr~Tt1tpBB2GaJ(|j~lHgW40EgMMVqR6eJoJig1SBg|2=$~4I3P0eP$q%_`sS&4~
z26=&a&tLjQbch1`cVXa-2fTl1y8}->|Nqu?uVrNTov!=VKh)g89wUPTgAzkSKZ57_
zr=B^mcldE3K04t4{;RaG5<iW&j0o`H?mv@F)~_PT0KZ@gypg|u^T(Cv{e3O@pJdYf
zGU6h_ib}N7B0nR*f)E2ox*ykf;v(Sh-(}VRlmfV7`YFZmj}$+I*#DI9#oy^3eW$wm
zXTl%4`oA!n`WPDL0>3&9yovq;@aR#VHx+R1^^*kr-vEEd!uea68Z<{R%_DD6fn&T4
zu;fDj07L-(_fLSJGdkeh&c&7A(ZLj`7iwnkAcqUexU;WjUkqeg1m1-IU<?H2;Wv!p
zf0yB}^(83YqL?rx1khY22YeFWw~GJ1^1N+<rsUt?0mV!$9qoZ9l|;-ejra`=jO^{D
z0oDMMzlH8W2@J};8})#dfe0j_`5PVhndjXLr2GxRk09DWYlX3yi6c-M7$}eZ`@92V
zq`lh)mKp=t4Cwy>ZTIZA(4dtr2Gr`e{BIejlCgS<33MB=1!8?a74!F%=Uo7N`F@k}
ze+1C_eU4Y_$mvdjc<J~+Q~lq7z|TDICs@D51fC3Y09ac79!+!!v#SGG{&--6|7X=Q
zQ~nlB;MFUK?|}+zzDFnrnmQlC6M#N7W6i}Aeqgn}2ZlWVuH63jmFLY*_gm;6Pfggx
z$iVSGTF#)Tpn=pMQ2T(3p5Iid=<ma-gW`h5%zVIQ0k+ED;QpxA|JJNQqoqCIg-ZMu
z?;nr;zr{`i%{6E&t_PM_so%2vxg~?f7<qt$QTorQ^rK_@?a1_V{=Q3kfQATp089e{
z{<nZ3peWx{0h|B-UEc$3{B?crw9}OTQOfT!A)twaK*DbPojlKb@YlqDZ}<N+4F)lJ
zg2IEwCwPDdQ~xDzKf(T3urd7FEWg(qXe59K)PsM6`iHmxp!o+CUVmWP)%q9t|JmyY
zSUQ`ZW!OQfKvl0FsAhEkMD<@ZutDKL^_w5yEdYOl|M4XLq~;7t1*#?aKqX=JFR1>i
zwEtCIphA2PBzBhng5=M#e4r%)RW5rVD|_`PvY$7BK`}w~d>%0O9sY#*<AMAI{nsBq
z?WuvXfGWp4u<Sbh!t#G;zv{?<VuGHkf561|{1x-xpRot!0X^ycz;o{P3(v2e$G<xF
z4ay06Qul%Lt<V4F{C#%?>LUAq=^OjMF^PY5m<7!=s5jyRfosCQAo#hL`h5vN-M}6Q
z0Li}){5?wi8)GVHNkF|U9*8V5ej)nhb^TLw1KqiPK(@{P1^L&P=`ZNt?_+}&0(8Uh
zfyyZFPgMV7ECt;Jdw|`|{}b$w4&x77VxR>8wUs|GQ5FBf1UlvasqX$qfk5rI4>Wfr
zztH>y`=daAef**C12yJ7;LDf&3;h3X+5@dGPy@vS(RSs3CWimbTp=g<eRcTg5gqWy
N6sQqkUiJO2{|C|0X_No}

literal 0
HcmV?d00001

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 0000000..0c71e76
--- /dev/null
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,6 @@
+#Wed Apr 10 15:27:10 PDT 2013
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
diff --git a/gradlew b/gradlew
new file mode 100755
index 0000000..91a7e26
--- /dev/null
+++ b/gradlew
@@ -0,0 +1,164 @@
+#!/usr/bin/env bash
+
+##############################################################################
+##
+##  Gradle start up script for UN*X
+##
+##############################################################################
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS=""
+
+APP_NAME="Gradle"
+APP_BASE_NAME=`basename "$0"`
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD="maximum"
+
+warn ( ) {
+    echo "$*"
+}
+
+die ( ) {
+    echo
+    echo "$*"
+    echo
+    exit 1
+}
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+case "`uname`" in
+  CYGWIN* )
+    cygwin=true
+    ;;
+  Darwin* )
+    darwin=true
+    ;;
+  MINGW* )
+    msys=true
+    ;;
+esac
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched.
+if $cygwin ; then
+    [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+fi
+
+# Attempt to set APP_HOME
+# Resolve links: $0 may be a link
+PRG="$0"
+# Need this for relative symlinks.
+while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+        PRG="$link"
+    else
+        PRG=`dirname "$PRG"`"/$link"
+    fi
+done
+SAVED="`pwd`"
+cd "`dirname \"$PRG\"`/" >&-
+APP_HOME="`pwd -P`"
+cd "$SAVED" >&-
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+        JAVACMD="$JAVA_HOME/bin/java"
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD="java"
+    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+fi
+
+# Increase the maximum file descriptors if we can.
+if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then
+    MAX_FD_LIMIT=`ulimit -H -n`
+    if [ $? -eq 0 ] ; then
+        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
+            MAX_FD="$MAX_FD_LIMIT"
+        fi
+        ulimit -n $MAX_FD
+        if [ $? -ne 0 ] ; then
+            warn "Could not set maximum file descriptor limit: $MAX_FD"
+        fi
+    else
+        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
+    fi
+fi
+
+# For Darwin, add options to specify how the application appears in the dock
+if $darwin; then
+    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
+fi
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin ; then
+    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
+    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
+    # We build the pattern for arguments to be converted via cygpath
+    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
+    SEP=""
+    for dir in $ROOTDIRSRAW ; do
+        ROOTDIRS="$ROOTDIRS$SEP$dir"
+        SEP="|"
+    done
+    OURCYGPATTERN="(^($ROOTDIRS))"
+    # Add a user-defined pattern to the cygpath arguments
+    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
+        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
+    fi
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    i=0
+    for arg in "$@" ; do
+        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
+        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
+
+        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
+            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
+        else
+            eval `echo args$i`="\"$arg\""
+        fi
+        i=$((i+1))
+    done
+    case $i in
+        (0) set -- ;;
+        (1) set -- "$args0" ;;
+        (2) set -- "$args0" "$args1" ;;
+        (3) set -- "$args0" "$args1" "$args2" ;;
+        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+    esac
+fi
+
+# Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules
+function splitJvmOpts() {
+    JVM_OPTS=("$@")
+}
+eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
+JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
+
+exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
diff --git a/gradlew.bat b/gradlew.bat
new file mode 100644
index 0000000..aec9973
--- /dev/null
+++ b/gradlew.bat
@@ -0,0 +1,90 @@
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS=
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto init
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto init
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:init
+@rem Get command-line arguments, handling Windowz variants
+
+if not "%OS%" == "Windows_NT" goto win9xME_args
+if "%@eval[2+2]" == "4" goto 4NT_args
+
+:win9xME_args
+@rem Slurp the command line arguments.
+set CMD_LINE_ARGS=
+set _SKIP=2
+
+:win9xME_args_slurp
+if "x%~1" == "x" goto execute
+
+set CMD_LINE_ARGS=%*
+goto execute
+
+:4NT_args
+@rem Get arguments from the 4NT Shell from JP Software
+set CMD_LINE_ARGS=%$
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/proguard.cfg b/proguard.cfg
deleted file mode 100644
index 12dd039..0000000
--- a/proguard.cfg
+++ /dev/null
@@ -1,36 +0,0 @@
--optimizationpasses 5
--dontusemixedcaseclassnames
--dontskipnonpubliclibraryclasses
--dontpreverify
--verbose
--optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
-
--keep public class * extends android.app.Activity
--keep public class * extends android.app.Application
--keep public class * extends android.app.Service
--keep public class * extends android.content.BroadcastReceiver
--keep public class * extends android.content.ContentProvider
--keep public class * extends android.app.backup.BackupAgentHelper
--keep public class * extends android.preference.Preference
--keep public class com.android.vending.licensing.ILicensingService
-
--keepclasseswithmembernames class * {
-    native <methods>;
-}
-
--keepclasseswithmembernames class * {
-    public <init>(android.content.Context, android.util.AttributeSet);
-}
-
--keepclasseswithmembernames class * {
-    public <init>(android.content.Context, android.util.AttributeSet, int);
-}
-
--keepclassmembers enum * {
-    public static **[] values();
-    public static ** valueOf(java.lang.String);
-}
-
--keep class * implements android.os.Parcelable {
-  public static final android.os.Parcelable$Creator *;
-}
diff --git a/project.properties b/project.properties
deleted file mode 100644
index f049142..0000000
--- a/project.properties
+++ /dev/null
@@ -1,11 +0,0 @@
-# This file is automatically generated by Android Tools.
-# Do not modify this file -- YOUR CHANGES WILL BE ERASED!
-#
-# This file must be checked in Version Control Systems.
-#
-# To customize properties used by the Ant build system use,
-# "ant.properties", and override values to adapt the script to your
-# project structure.
-
-# Project target.
-target=android-10
diff --git a/res/drawable-hdpi/icon.png b/res/drawable-hdpi/icon.png
deleted file mode 100644
index 8074c4c571b8cd19e27f4ee5545df367420686d7..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4147
zcmV-35X|q1P)<h;3K|Lk000e1NJLTq002k;002k`1^@s6RqeA!00004b3#c}2nYxW
zd<bNS00009a7bBm000W`000W`0Ya=am;e9(9CSrkbW?9;ba!ELWdK2BZ(?O2Mrm?o
zcW-iQb09-gGzPNMpa1|5tw}^dRCt{2oOy6v)qTf5=iKFO(zBjyS+Xo+%Qj{)!7Q$W
z6KBFe9H5z!Cet*NNr0A2LK&8HhBBEZoyic|G);$p5}K_o1!mG|N`@p9l1vB;J7GzU
z0UH||Z?dh;mfn-zdhc2K$9>OwvMs$Q8_8nISM!^>PxsujeDCl4&hPxrxkp%Qc^^|l
zp6LqAcf3zf1H4aA1Gv-O6ha)ktct9Y+VA@N^9i;p0H%6v>ZJZYQ`zEa396z-gi{r_
zDz)D=vgRv62GCVeRjK{15j7<m5mZl(2gHEX4d3YbCqHS|8EZwgD)Wt;2qJ2{6v75Y
zvGsww4t^CV0F}B_(~=~n8|H-&l88hPhy!ic-_?C@ysdn7po;H83+4{Ko1~nL|K`DO
z9KIFE0%ag1(kL?(4~+<_k&^&YU;FXK@3ppjpEO#}zYf(17Np}aJ`(=&TVH<hHX=<b
z5s{?r6ht)YVl@ql0gJj;%S|0!N#3izr4TSYFun;`M5H+(6ZYt&XojGg?MdgxMnbQ(
zfHCh)hNKka#wsC@21bc&QApGuPFaI$20D(BQsC5V9{>V@v6|2nafFX6W7z2j1_T0a
zLyT3pGTubf1lB5)32>bl0*BflrA!$|_(<V4RW3$KB75pFc@&<Kfa&v`Fw!w=tK8Iy
zHVRiH=xw{4ws<c}SHKc=Lkreetg(}xDTiaMY5!xcI{O}^bumUCOUp@~3ss5EmUUcv
z?hlDO8H^6mIwbC7xc1y1)0w)EKovQ@ZYL8PjkvLDn_L>WD2)iJIfV}37=<tz>ZKAC
zSe3boYtQ=;o0i>)RtBvsI#iT{0!oF1VFeW`jDjF2Q4aE?{pGCAd>o8Kg#neIh*AMY
zLl{;F!vLiem7s*x0<9FKAd6LoPz3~G32P+F+cuGOJ5gcC@pU_?C<K#zxM?|P#!;*h
z<yaeeoHc_VQSY*5(bXKxzCv5Fm-fVJhKt+z;Idmt`HNZ7dLb2^=kZ;C$5{Cwn^xRG
zZ~I3Hb%|X0Ab~D%ara-4jxS|#%LP2Y?;eW55jL;+ds_T1et+Qmyx#v41QKfv%7pZ!
zH}KI_U!xctA=G7zRgr=;7(HxFvnR-Ds^N`rOa*J?)FjYl+7i8Vq}KApuDd8yhFQ7r
z3QEBkovrIw+xcf~8~8bAWiDey=A&d1tN5d3Ut-sh$0-EENIaAY=t!N%MN2<V-{|kj
zmHW7A&3CA%0<RDJl#i{xoA%_{#M}($cm63cw~Y_4xPwra**EeWu8d=hIiYUT$?@$v
z9fImJ5!Qk=6B4Ql%hDet?zeE^lFyO!+gaYW2}i`RR&#i43orNm8^uZvtiyuXa<K6H
z-tY3(;G+m3!AdNGf!v!svHLE9uuNC_0^aC<m>2fmix7g2<OKw(NJSO!Wh<G)O12OD
zk{9;hOR+MF#G6#FX=OtB>)SUaQO$NS07~H)#fn!Q<}KQWtX}wW`g2>cMld+`7Rxgq
zChaey66SG560JhO66zA!;sK1cWa2AG$9k~VQY??6bOmJsw9@3uL*z;WWa7(Nm{^TA
zilc?y#N9O3LcTo2c)6d}SQl-v-pE4^#wb=s(RxaE28f3FQW(yp$ulG9{KcQ7r>7mQ
zE!HYxUYex~*7IinL+l*>HR*UaD;HkQhkL(5I@UwN%Wz504M^d!ylo>ANvKPF_TvA<
zkugG5;F6x}$s~J8cnev->_(Ic7%lGQgUi3n#XVo36lUpcS<B*<^O3@1)uNA43bS0?
za~<a`{v?j@Ske9wVqO|oCZ?^w;|LChBf!5j-{=N?H4Q8SE&@KYZ+HK&Jq|$-TC1x+
zjI}`!SgWno%32kg6Ve1hV0CD17-|~^%35o!4y{$8K9;8rtqlWhby$7YT5EMR?_>9s
z)ympRr7}@|6WF)Ae;D{owN1;aZS<z%U`85L3`Wtq;{;U>R50al9h~?-WhbtKK%bDd
zhML131oi1Bu1&Qb$Cp199LJ#;j5d|FhW8_i4KO1OI>}J^p2DfreMSVGY9aFlr&90t
zyI2FvxQiKMFviSQeP$Ixh#70qj5O%I+O_I2t2XHWqmh2!1~tHpN3k<ugQ5k@C@Ok7
z+FQ2}+B9a|#m)q5Ej;-ypgId^I<pxY>A4n=1iHj?`@c<~3q<khQ_D+AiSPS(o;PhA
z`n^Sv1#1+erM+mQs!_q26XUurrBaD_Jl?i>^X6_Q$AqTDjBU`|!y<&lkqL|m5tG(b
z8a!z&j^m(|;?SW(l*?tZ*{m2H9d&3jqBtXh>O-5e4Qp-W*a5=2NL&Oi62BUM)>zE3
zbSHb>aU3d@3cGggA`C-PsT9^)oy}%dHCaO~nwOrm5E54=aD<PxWdc(q&_xc9ze;;z
zHLgsOaNCGEX{@j)Q^Ht%Tpp3F>g(&HR4S23Oa#-a^=}w%g?ZP-1iq8PSjE8jYaGZu
z$I<dGMoPOWg+~}HypAJW1P(3!5;{{KV0qg|Sem{J-)X5D@d@oNm&=TgkK?+NnkmGD
z-_Q{A#FMr-B8Dqt^yOY;>)?YN8he?F9>)<bj*Q_57qEn;3|Nj9cQTmY%C_N$=t`~Q
z;w4{XMcd^l6D<P?Ay7&Y1OdM9A8)vuc8KPXAd4&GNZ}FcLfta4#gi!lo#*+!e`fp8
z&(OAv=d=)a+Um*{SaelE1QL&!lK>2d$G6a*zm0XB*Rf&gZAjq(8l@CUDSY1tB#!i>
zW$VfG%#SYSiZ}<yUM62T%y}K3#sZ-(5_4L}RSxpRzOQpA_YyHTjW5$2?;2XGa7B!d
ztoRyIcszIDAF1eZgm9|eQuBwy|4Kd>;)>pHA`qlfDTEYQEwN6>NNEp+uxuqx({Fgr
zjI@!4xRc?vk^9+~eU|mzH__dCDI=xb{Cd}4bELS9xRaS!*FXMwtMR-RR%SLMh0Cjl
zencr8#Su<4(%}$yGVB<Bgt*hjhnC%m<GA#mwVG#MdW;e0Y1~wZEwtgvc)kC3T3hfY
zSMoH5`B0b0#8+|6>U-HX{18v=yPH*+%^Vtknc>2A;%-~DrYFx^3XfuVgvZ{#1tA==
zm3>IzAM2{3Iv_d1XG{P6^tN3|PkJMnjs&CWN7%7_CmjoVakUhsa&dMv==2~^ri?&x
zVdv*rnfVyM+I1^Kg*S=23mR@+0T9BWFZUu~@toA8d)fw6be=`Yb6DSX6D?jB%2YT~
z*aHjtIOozfMhA!Jd*?u5_n!SnX>vX`=Ti-1HA<HWRGx~;;frK-Ys%y;GE<2slXx;!
zx1GgM4s$rf_|Ve7;o7tR9cwMW*zuR_9{CMPZ!v@(j)WyE5}b8zA|%>4RiE>eI3vTn
zz+>Ccf0HX6Ans-ebOB>RJST-Cyr#4XAk+mAlJgdQnoE{^iIN)OcYFSpgJUmXtl@tT
z-^ZuUeSj5hSFrQwqX>~EtZ*{>Gi8Bu9_|o06oNtaXP?E936!a@DsvS*tsB@fa6kEA
z5GkjwmH?EgpiG&itsB_Tb1NxtF<S=iW9N}aFjnEobhIC__!e&t|CIIJH?ueUG}@}#
z*5IbJ2TmcPSR2JoRU8pxF#iT)<-^sjbdq(QH?VQp^>nvxh_s@9KYX1Sttf?AlI~)z
zT=6Y7ulx=}<8Scr_UqU-_z)5gPo%050PsbM*ZLno;_-ow&k?FZJtYmb2hPA$LkP)8
z=^d0Q6PImh6Y|QT?{grxj)S=uBKvY2EQUbm@ns9^yKiP~$DcD)c$5Em`zDSScH%iH
zVov&m=cMo`1tYwA=!a}vb_ef_{)Q2?FUqn>BR$6phXQRv^1%=YfyE-F$AR4Q?9D!f
zCzB^^#td~4u&l~l#rp2QLfe3+_ub9@+|x+m;=2(sQ`s%gO|j$XBb>A7Q(Uy<Ms~mR
z)sr@Bsv6HJK@x#68l_8!W4+tria4%_*Y>dipiMw%igcweV#Cr~SP);q>w`bxts_4}
znKHg?X==JDkQl3Y>Ckt%`s{n?Nq-1<xam62X*|eake2F>Fw5~%Mq$CAsi-`yu_bKm
zxs#QdE7&vgJD%M84f4SNzSDv)S|V?|$!d5a#lhT5>>YWE4NGqa9-fbmV$=<!@JM<c
zC&X_omO$rmWt??g*K=X#7Z@$=;a9tEXDI(Vu9G}wXJ-C-A`g4(;Dem+-U&z%S^l~N
zQ((^hAY(O|#LDVE#%LB51-uk1+Ae2(_f1IQ@xp<7*qeP4fxvebRLei*VsS*AT)B@e
zWA_nla&2xtIp+k0rc6h2Eh(>)@k&32kdEYetna>=j@0>V8+wRsL;po!3ivVwh<9tn
z2S<1u9DAAQ>x1Sn=fk`)At|quvleV($B|#Kap_lB-F^*yV=wZ{9baUu(uXfokr95^
zA*!*W=5a>$2Ps`<ZO3O>-F^+qRQT<luhKvM2V5DC;>^{*cN>vipT*4!r#p%{(#I7s
z0NN94*q?ib$KJjfDI_sjHNdmEVp5wB&j54O#VoFqBwy)gfA$%)4d_X4q${<K?$%4`
zAKx-J)i?#riIMhXoFj#uJh}JljFtNkLb7$>L9Xom2R3xy&ZBSNgt4a1d7K^CDWa9r
zVb-_52m}Vp)`9;ZSKd#|U4ZYj5}Gp49{4utST|=c`~(#>KHF6}CCov<Oc3fKBc;8#
zGIi`Nx+1|?<uF?Y9^~S#8%cQ`XcHd0KbtaZ1f3cTu8gxFwmkaSt`43|v19n>1iHYw
zt{bWo)A@yF2$~c(nR$rSAaFQ$(Wh{vkG1AlutDMw=mM`C`T=X&|Ad9fb5Od}ROt1z
z<iuFelzP>OpczHqrb4Jo^rSCiW#&o(m7jFamnrsTpQb;*h4o8r#$aZ}2RaT-x2u^^
z%u@YyIv$U^u~@9(XGbSwU@fk6SikH>j+D1jQrYTKGJpW%vUT{!d}7THI5&Sa?~MKy
zS0-mvMl+BOcroEJ@hN!2H_?coTEJ5Q<;Nd?yx;eIj4{$$E2?YUO|NtNPJ-PdDf;s}
zab;}Mz0kbOI}5*w@3gROcnl#5)wQnEhDBfn!Xhy`u>C}*E~vWpO^HS)FC>8^umI=+
z&H;LW6w#;EF`}vQd_9Muru`KnQVPI9U?(sD<bWa&SZmeEGH6DFY6WD0w}C;Rh4&^w
zc_LD>)&Dg-0j3#(!fNKVZ_GoYH{la~d*1Yh$TI-TL>mI4vpNb@sU2=IZ8vL%AXUx0
zz{K0|nK(yizLHaeW#ZhRfQXoK^}1$<rbM${EMT&_)(%*j&)QQ%O^fOeSPGdq*yOYb
xs*zGFL~-IVT`+%1s&@qImmziC^|Zdw{{iC%_e>=$#1{Yn002ovPDHLkV1n#w+^+xt

diff --git a/res/drawable-ldpi/icon.png b/res/drawable-ldpi/icon.png
deleted file mode 100644
index 1095584ec21f71cd0afc9e0993aa2209671b590c..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1723
zcmV;s21NOZP)<h;3K|Lk000e1NJLTq001Na001Ni1^@s6;Q*MJ000JpNkl<ZSPAV|
zTWnNS6kYeubY6Whoj!oJloqJGA0nb5fDz@Ri3x^3On~Tz5)-4wS4_m1D8}&Nhfxy{
z69ayjV2tmmi3my*6%bHLDd3b!TbgO<OkeZ557)lsPCB=DDm0)!?#Z5e&z^J7UT5un
z&e?N;|7BtZ6qldHRz&qty;Kj?tsl+TEe4;^sTwtN^<Hc_aXON=04dx0QuR(xarQnl
z*Y$?on0m_h`QGh4&vC>ARe<Hh2}sx|ed^8SkIr5c-eKY<z@Y<$pYtcLyzu(tC*Edr
zfGVt6A|V+oDjOw3!~L}g5sYa<;YBw!cvP<gp2D9sD2mKstmNBG(}1d|`Ohi}28QFc
zd@4j8rse<%fUzQs`BO<V2!pqV3cn|URWqK1t{KpE6MB{**A-+kBUsn?3bR3hq3JMb
zGc*%gR>P91Tc8>~sHP8V>Ys(CF=aT`Sk=;|pS}XrJPb~T1dys{sdO&0YpQBSz*~us
zcN*3-J_EnE1cxrXiq*F~jZje~rkAe3vf3>;eR)3?Ox=jK*jEU7Do|T`2NqP{56w(*
zBAf)rvPB_7rsfeKd0^!CaR%BHUC$tsP9m8a!i@4&TxxzagzsYHJvblx4rRUu#0Jlz
zclZJwdC}7S3BvwaIMTiwb!98zRf|zoya>NudJkDGgEYs=q*HmC)>GExofw=92}s;l
z_YgKLUT5`<1RBwq{f)K<EkI>~I%M=gRE6d<FHDq&W)h|sStE^=^^YK)Y-gCukktCI
zyk;}6aco?&J1^Hr5X_bX_y7#KLtFtxLbEV4yat9bO7raUdvlKkyy4uvOtCUJFV~jL
z4F_gf?I6P`67*JZthLs?{Usrbgxc+9-qjV5^bjy6SJ}TU{|O*fbxYmRsk;KwbuMGF
zV~6Z!up~a*#1)Wq6hM;=nYFAZ2=_!2bp<33Og4weD-y{LCU=7y0hUbw7ZO)M(s|N=
zOdXwxqui@za+L9lLcsL(^&t=lRI|f4WUhcDzSj?k+on>)b5BP`8{u9x0-wsG%H)w^
zRU7n9FwtlfsZ<KFSWNbmYXiiN*Ok-)q-Xedoa)(!*hmY~dIHC~-a*J$h1uondA4mP
zSU)GJA(2QR7z~OFS!x0(50ooIHamrqTGLZ7%q)D~GHbL$9Xrt0`x#VKN-6Q6pnl3)
zbR>SjiSB(k8~Y5+O>dyoSI477Ly?|FR?m))C!ci%BtY!2Sst8Uri#|SFX&)8{_Ou2
z9r5p3Vz9_GY#%D>%huqp_>U}K45YGy__TE!HZA@bMxX~@{;><au~O%#R=eO1RfrvV
zN@}1b)ej(%>cGYRgH~Ih*vd7EgV7h6Pg$#$lH+5=^lj{W80p{{l+;{7_t5cv3xVUy
zl_BY4ht1JH*EEeRS{VwTC(QFIVu8zF&P8O$gJsMgsS<v<^cG8zH12ME8E3p7ArSJ)
z&M1j((`t=fkRbsyk@k;7F_7#+Brq3Ek@Z%>O35SVvBrX`Vah$Yz2-5T>-`4DJNH;N
zlSSY8-mfty+|1~*;BtTwL<Ip!$O-{6nJWXCZfj~?gGcf6rCkhL5i}!%NU#a3>z_w5
z+lRv)J28~G%ouyvca(@|{2->WsPii&79&nju7ITE6hMX4AQc{|KqZN#)aAvemg3IZ
zCr}Y+!r}JU&^>U1C2WyZC<=47itSYQ`?$5{VH?mtFMFFExfYTsfqK%*WzH@Onc#i`
zI@a|rm-WbKk{5my{mF}H>Duc$bit&yLAgFfqo2vVbm~?FeG#0F?dSP*kxSo0Ff!o@
z(C}B;r&6pa-NY4;y~5lX8g&*MYQ>yLGd^tDWC4(sGy$Ow-*!eh%xt;>ve|J1q$*w<
zh;B#cz!6l2=5bkX#nJ9PJQ`ew8t>7z$bxqf*QB=l2_UB$hK|1EIfloN-jQ=qcwChF
zYAkkyp=;FwcnUB3v0=*tMYMA(Hdy<PN`g-^IhR&%fzFN6N*#&lHK?Lk=ZxLc=3rdN
zq(e3yk0;yO+EN7N%Am(wh<K-;2jmbL8HO+Z6SBz}=uJg)0~flX15@%oImi=w^eu?^
z%t_uJK&!llk^e99-)25FLY2R~H%i2Lni{9JP+O^e)Z7~oXC_K$<<GxNRbG`8Q=NTi
znzRTYIm5)q73$E{HZP;%WJucbIzw0y6~<h{M*Cz$0Li2UlrSYKFR#RI$=`tPT2(|y
Rn%e*X002ovPDHLkV1g`*Fem^3

diff --git a/res/drawable-mdpi/icon.png b/res/drawable-mdpi/icon.png
deleted file mode 100644
index a07c69fa5a0f4da5d5efe96eea12a543154dbab6..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2574
zcmV+p3i0)cP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm000TqNkl<ZXa((A
zTaXl28UDI^W_OsGWtUy{!Y<c^KmeB|0kUGyGA1FG<+Tz*5iPC6veb&P)Rg5*9;h-e
z3TmlIsSioYk{F{DmNAwkFOUEcA|RU$mk^d6F3YkP_BQuRcl-T4)62|GPtQQe^5S3h
z&*?tr^nd>Q`Og{P|8RRXpj5bgrSmEzSMfBn+{{vpNxw?;5UX;iv9<g8_@RM8%EGu#
zOyw}c*6!!ybr1%fK$!Ou1DhVH>sYxy_`IQHs$i<61a_iv^L>h8s-`D(`e@|IgS*Fj
zNGM876Gf;3D8*1UX9a%v>yJKD*QkCwW2AirU(L{qNA)JghmGItc<S)8TvCJ(ixjw3
zDGP|(1X`9Un_CtJe5P6O4Tok16h-k}y%^cd)qX(~3y1&(;3R-pMJy1U42MmBECtgL
z_oL_(B#i{Bm05*qutp_76zFCKsv;ifWL$-`=mi{76bUH<88Zp5;&Y~_s+bHXMSDSF
zJckkwQy?ojfl&9Fx}jNKXK+QzP_5SD&ic<$5P277Obe~>;(H<$!ABY&g<qQoV`}XB
zymTgs1$FnL&bJu4p0VhC=8or(5d~RmWa&;lQ&x+IY&_aYq<~*13&;c!tSXaIRAEF=
zB<NcF6z2Nxz(jNa!_iZ?yY1^}3a-Li7k-IIVgR3A@f`f#Ip`ZXfIAz$i21em;CTN_
z=xEu3VAVXlcIsQuGdfb46xxDaSk?R`H2PP;NRz%=?4~pTga_dz#}k`EC}jbv!cw~B
zHsU&lZlE=|p3FXv_J;eB)>By1vJIEUj-b8%el*o|VkG)LqNx#TG>Jvj^jIte!!+RY
z)T4j$7+PoF1AkRBf}R#^T=-q|PaK1$c<4UH)H<?OK4zWQV%p-Vko~Ntr}xRbH946I
zBbJy%oM;*<Qu-v?>pq3$4WA|xtr!ZQLC=*vNE>O6E9kp+5X0eKB$6>C(lPwI@3#oY
zhS_%x7e|j!$yG?ECXmh~EH~^OeuK}+sWoJse3Z3?ha3n`MM9KvA?uqpEnBg4Q46)7
zM$p%a$@l;+O}vfvx%XjH`}a{(-HHth9!JaUwV0*VqGR48^gWNYN<&~7x)y$e!X>e`
zZ5!6KZoxbKuV9XUDI%#M1~IVh?pNSdeb~6@$y`v|yk=XK+fHxnDqnUK4&=QRNyIVf
zYbDM*cI>~qIy*a7=z7uqkw@agd(<=y-Q7L!ty_23SGdXmahO<;N=wB+j;lNm%=OHC
z<IaPt3t7R-6esQN0HcDnT?G)P?Tm0c1gJ!Dt^$bfixvcL7nF-XR{?CME762Kcc$C2
z0^CXqusEZ9EG@XXRRY=h?lWDp(5=?IC?k=XaOY^+XgMBS1rS=c1#U%~*5f!7`iWIr
zm7^!xPp7$o27|RVH8pa$a)h!jBpN8E1xL!$I)x$2C0IsF*=^G#^@5r9yhtR1D_5>y
zU|>La6h%92y4IPufI$9>Xu!@y`TaNgtg&41@PwMwBdmSm7)xAWDLoqjZ==P2#*k7!
z3o1)cVSI3KP_!?d8G^Lg0FtLXC~JYdxi|c%h~lXEixY=%VSFF@!*3&&9>(R<hk59!
zW=XvsOXl2%B`grF;AT}St~EM33K2wrmQn?+2@Y0p6+pBvrWT^^V6rHyhHhkp1z8pz
zbryOC|A-TVzh@Pjttc&ls7T$Eawdh)_?r~$O&m~viVgF=iIq(c^GhAcWD*{aheGlU
zQ|MtuY-GhO>b|iK54Cx5;s~PY5iaV1het%w`dgQFBAJ;aF<C~nc##zP@rBRelZ&>K
zImQC}(|QaCFYUm1JVfzSc)ebv=)ObI)0jwJb``<Z0-}AfLb=^g=Q+9A---7|U+2N)
zKd9DfaQ52Yps9ZGfvJGaszssZ->}Zj9J0n0Xgn*Zc(rFM9$xh_makZbm-at_v5^SW
zM1y1SW@%+FuIy*WR)i3A2N_q;(YO`O!A|Ts^%z}9ZepCj3ytlw#x%N_fNrKKtPh`<
z|1{UqF`4LxHaCQ79+E=uUXCOZ35jAMRz%R%0(P!0FMv=sk>Nr8%+Oz<nLfHjoFa)k
z@jh(Yx+=2QOc~A*As$?^lQRq)3_XjOK8~%cccZ0x1Js6YG`2CYa;IA-0bFCCGVPNr
zL2`REIf(P4`>Y^c-M9@+fz=G`q<GOZlu*|(zvf<SUix$Njqk_ab5A3#M<oK#J@_)#
zF{tIXf^lqXzDWDBuB!!Pf<XB!Bm$@iO&ma&w-a(qOl6{s9o|LdEh}1<fL$^7^H|-u
z1t+e)h<}~^0jEeP^C~Jg_vF<-^N3oHdfzhiXHHlwSd2LQxLQEw+g2#o8dP&Q$@42i
zPEox$JMwp2i=E|*xKLK(8ne@y=C5MuoQH7e;!Xzh0gHKS9qUO%VG7oKI61tVw;qp?
zT%HD|M7%DEs|AE<I}WaY;`}73!Vq_rZ9p-ZSF##4B|tSl?rMG<)t)-MGqejQhyFs1
zOYY$u$1R38AVwJR<T&GF2Y!V|ofl<qSqqf>a@v4sF5u-2289-#$**LWnyNNDwDf1(
zkUiMnw|y$tn>pQP=Vn!#|17L^5AGrjtBkN$D@v)Z7LXc5EFhLB4<;7Wehh)CMqX|W
zqsiZaO^benJ_hwa&V0ub$-_HUk**?g6fm9|!@kguU6*zhK)$qn-<3*kFrYPIaqR=V
zUaUvk>@F_89b@tHs8R!*QKY;INJ<2_U+K6Ca3e9Gsl2{qY0%a7J?uICWgHuLfj+MB
z=GkAN1&ifT#2u}B+2S#~$5jA(Qn^;H%CCmIae4AE-Dsng|Hl*Ov!z72k3ZnJs{pp|
z+pW`DDueC#mEWOf=ucJ!dTL}hzOeiS-i?m2E;`EKz4<&Lu~NnW?peqVU^@<+T3KKu
z{yrI%Qy-Z%HEvLUz}n^~m?7x`xuCtNR#L2En!T>dQtIKdS#V-Hzt3RtwTeYtmQ&dR
z6qXZvac*oc@BUYEH%@Ylv_1&tSjkbzzU6*h1(3^C`;1z;g_S<r>mOtclS?KWk2VYE
zM*oS<=C483Xc<XBH-T2(vVJUXr<9s6L8%y!+?6<f{P<XJZ|@}c0}+%-f$DVxIixSf
zyZx`_jp~RryiOnPLN6^M#a^XAPNg`KKXr{n)Ewh?38G^@b)qVL^*LP6b}_MzC^c}&
z>kW?GN|1jfh3Ro(h<KDZN|fWBj7@=)05T}o0kZov5oZ%?h%8)~*k=Yr+YBDaVOp3T
zBFg{7f(5Qr%7ttVh}3fDAw-1vQZd7!TMCkUL<sw@Rk22a=Izx=SwI*ShDAWTmANx1
kfM{AOIT6Hei<0X907#l7&=u{JbN~PV07*qoM6N<$f*QKj`~Uy|

diff --git a/res/layout/get_password.xml b/res/layout/get_password.xml
deleted file mode 100644
index cf3c796..0000000
--- a/res/layout/get_password.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
-	android:layout_width="match_parent" android:orientation="vertical"
-	android:layout_height="wrap_content" android:padding="5dp">
-	<EditText android:layout_height="wrap_content"
-		android:layout_width="match_parent" android:id="@+id/password_text"
-        android:filterTouchesWhenObscured="true"
-		android:hint="@string/password_hint" android:inputType="textPassword"/>
-	<EditText android:layout_height="wrap_content"
-        android:filterTouchesWhenObscured="true"
-		android:layout_width="match_parent" android:id="@+id/password_verification_text"
-		android:hint="@string/password_verification_hint" android:inputType="textPassword"/>
-	<LinearLayout android:layout_height="wrap_content"
-		android:layout_width="match_parent">
-		<Button android:layout_height="wrap_content" android:text="@string/ok_button"
-			android:layout_width="match_parent" android:id="@+id/ok_button"
-			android:layout_weight="1" />
-		<Button android:layout_height="wrap_content" android:text="@string/cancel_button"
-			android:layout_width="match_parent" android:id="@+id/cancel_button"
-			android:layout_weight="1" />
-	</LinearLayout>
-</LinearLayout>
diff --git a/res/layout/secure_note.xml b/res/layout/secure_note.xml
deleted file mode 100644
index 37e8883..0000000
--- a/res/layout/secure_note.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
-	android:orientation="vertical" android:layout_width="fill_parent"
-	android:layout_height="fill_parent">
-	<TextView android:layout_width="fill_parent"
-		android:layout_height="wrap_content" android:text="@string/secure_note_title"
-		android:gravity="center" android:textSize="25sp" />
-	<EditText android:layout_width="match_parent"
-		android:layout_height="match_parent" android:layout_weight="1"
-		android:id="@+id/note_text" android:hint="@string/note_text_hint" />
-	<TextView android:layout_width="fill_parent"
-		android:layout_height="wrap_content" android:text="@string/secure_note_warning"
-		android:gravity="center" android:textSize="10sp" />
-	<LinearLayout android:layout_height="wrap_content"
-		android:layout_width="match_parent" android:orientation="horizontal">
-		<Button android:layout_height="wrap_content" android:id="@+id/load_button"
-			android:layout_weight="1" android:layout_width="match_parent"
-			android:text="@string/load_button" />
-		<Button android:layout_height="wrap_content" android:id="@+id/save_button"
-			android:layout_weight="1" android:layout_width="match_parent"
-			android:text="@string/save_button" />
-		<Button android:layout_height="wrap_content" android:id="@+id/close_button"
-			android:layout_weight="1" android:layout_width="match_parent"
-			android:text="@string/close_button" />
-	</LinearLayout>
-</LinearLayout>
diff --git a/res/menu/secure_note.xml b/res/menu/secure_note.xml
deleted file mode 100644
index 5806171..0000000
--- a/res/menu/secure_note.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<menu
-  xmlns:android="http://schemas.android.com/apk/res/android">
-    <item android:title="@string/change_password_button" android:id="@+id/change_password_button" android:icon="@drawable/ic_menu_login"></item>
-    <item android:icon="@android:drawable/ic_menu_delete" android:id="@+id/delete_button" android:title="@string/delete_button"></item>
-</menu>
diff --git a/settings.gradle b/settings.gradle
new file mode 100644
index 0000000..e7b4def
--- /dev/null
+++ b/settings.gradle
@@ -0,0 +1 @@
+include ':app'
diff --git a/src/com/marakana/android/securenote/CryptUtil.java b/src/com/marakana/android/securenote/CryptUtil.java
deleted file mode 100644
index 8bf7c8b..0000000
--- a/src/com/marakana/android/securenote/CryptUtil.java
+++ /dev/null
@@ -1,79 +0,0 @@
-
-package com.marakana.android.securenote;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.InvalidParameterSpecException;
-import java.util.Arrays;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-public class CryptUtil {
-
-    public static final int IV_LENGTH = 16;
-
-    private static final String ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding";
-
-    private static final String KEY_ALGORITHM = "AES";
-
-    private static final int KEY_SIZE = 256;
-
-    public static Key getKey(byte[] secret) throws NoSuchAlgorithmException {
-        return getKey(secret, false);
-    }
-
-    public static Key getKey(byte[] secret, boolean wipeSecret) throws NoSuchAlgorithmException {
-        // generate an encryption/decryption key from random data seeded with
-        // our secret (i.e. password)
-        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
-        secureRandom.setSeed(secret);
-        KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM);
-        keyGenerator.init(KEY_SIZE, secureRandom);
-        Key key = new SecretKeySpec(keyGenerator.generateKey().getEncoded(), KEY_ALGORITHM);
-        if (wipeSecret) {
-            Arrays.fill(secret, (byte)0);
-        }
-        return key;
-    }
-
-    public static Cipher getEncryptCipher(Key key) throws NoSuchAlgorithmException,
-            NoSuchPaddingException, InvalidKeyException {
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-        cipher.init(Cipher.ENCRYPT_MODE, key);
-        return cipher;
-    }
-
-    public static Cipher getDecryptCipher(Key key, byte[] iv) throws NoSuchAlgorithmException,
-            NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
-        return cipher;
-    }
-
-    public static byte[] getIv(Cipher cipher) throws InvalidParameterSpecException {
-        return cipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
-    }
-
-    public static byte[] getIv(InputStream in) throws IOException {
-        byte[] iv = new byte[IV_LENGTH];
-        for (int i = 0; i < iv.length;) {
-            int nRead = in.read(iv, i, iv.length - i);
-            if (nRead == -1) {
-                throw new EOFException("Unexpected EOF");
-            } else {
-                i += nRead;
-            }
-        }
-        return iv;
-    }
-}
diff --git a/src/com/marakana/android/securenote/SecureNoteActivity.java b/src/com/marakana/android/securenote/SecureNoteActivity.java
deleted file mode 100644
index 87300ec..0000000
--- a/src/com/marakana/android/securenote/SecureNoteActivity.java
+++ /dev/null
@@ -1,346 +0,0 @@
-
-package com.marakana.android.securenote;
-
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.Reader;
-import java.io.Writer;
-import java.nio.CharBuffer;
-import java.security.Key;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-
-import android.app.Activity;
-import android.app.AlertDialog;
-import android.content.DialogInterface;
-import android.content.Intent;
-import android.os.AsyncTask;
-import android.os.Bundle;
-import android.text.Editable;
-import android.text.TextWatcher;
-import android.util.Log;
-import android.view.Menu;
-import android.view.MenuItem;
-import android.view.View;
-import android.view.View.OnClickListener;
-import android.widget.Button;
-import android.widget.EditText;
-import android.widget.Toast;
-
-public class SecureNoteActivity extends Activity implements OnClickListener, TextWatcher {
-    private static final String PASSWORD_KEY = "password";
-
-    private static final String CHARSET = "UTF-8";
-
-    private static final String FILENAME = "secure.note";
-
-    private static final String TAG = "SecureNoteActivity";
-
-    private static final int GET_PASSWORD_FOR_LOAD = 1;
-
-    private static final int GET_PASSWORD_FOR_SAVE = 2;
-
-    private static final int CHANGE_PASSWORD = 3;
-
-    private EditText noteText;
-
-    private Button loadButton;
-
-    private Button saveButton;
-
-    private Button closeButton;
-
-    private Key key;
-
-    private boolean autoCloseOnStop = false;
-
-    @Override
-    public void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-        super.setContentView(R.layout.secure_note);
-        this.noteText = (EditText)super.findViewById(R.id.note_text);
-        this.loadButton = (Button)super.findViewById(R.id.load_button);
-        this.saveButton = (Button)super.findViewById(R.id.save_button);
-        this.closeButton = (Button)super.findViewById(R.id.close_button);
-        this.loadButton.setOnClickListener(this);
-        this.saveButton.setOnClickListener(this);
-        this.closeButton.setOnClickListener(this);
-        this.noteText.addTextChangedListener(this);
-        if (savedInstanceState != null) {
-            this.key = (Key)savedInstanceState.getSerializable(PASSWORD_KEY); // ???
-        }
-    }
-
-    protected void onPostCreate(Bundle savedInstanceState) {
-        super.onPostCreate(savedInstanceState);
-        if (this.noteText.length() == 0) {
-            if (this.isSecureNoteFilePresent()) {
-                this.saveButton.setVisibility(View.GONE);
-                this.noteText.setEnabled(false);
-                this.getPassword(GET_PASSWORD_FOR_LOAD, false);
-            } else {
-                this.loadButton.setVisibility(View.GONE);
-                this.saveButton.setEnabled(false);
-            }
-        } else {
-            this.loadButton.setVisibility(View.GONE);
-        }
-    }
-
-    @Override
-    protected void onSaveInstanceState(Bundle outState) {
-        super.onSaveInstanceState(outState);
-        outState.putSerializable(PASSWORD_KEY, this.key); // ???
-    }
-
-    @Override
-    public boolean onCreateOptionsMenu(Menu menu) {
-        super.getMenuInflater().inflate(R.menu.secure_note, menu);
-        return true;
-    }
-
-    @Override
-    public boolean onPrepareOptionsMenu(Menu menu) {
-        menu.findItem(R.id.change_password_button).setEnabled(this.key != null);
-        menu.findItem(R.id.delete_button).setEnabled(this.isSecureNoteFilePresent());
-        return true;
-    }
-
-    @Override
-    public boolean onOptionsItemSelected(MenuItem item) {
-        switch (item.getItemId()) {
-            case R.id.change_password_button:
-                this.getPassword(CHANGE_PASSWORD, true);
-                return true;
-            case R.id.delete_button:
-                new AlertDialog.Builder(this)
-                        .setMessage(R.string.delete_alert)
-                        .setCancelable(false)
-                        .setPositiveButton(android.R.string.yes,
-                                new DialogInterface.OnClickListener() {
-                                    public void onClick(DialogInterface dialog, int id) {
-                                        SecureNoteActivity.this.deleteSecureNote();
-                                    }
-                                }).setNegativeButton(android.R.string.no, null).show();
-                return true;
-            default:
-                return super.onOptionsItemSelected(item);
-        }
-    }
-
-    @Override
-    protected void onStop() {
-        super.onStop();
-        if (this.autoCloseOnStop && !this.saveButton.isEnabled()) {
-            Log.d(TAG, "Auto closing");
-            SecureNoteActivity.this.finish();
-        }
-    }
-
-    private void getPassword(int requestCode, boolean verifyPasswords) {
-        Log.d(TAG, "Getting password");
-        Intent intent = new Intent(this, GetPasswordActivity.class);
-        intent.putExtra(GetPasswordActivity.MIN_PASSWORD_LENGTH_REQUEST_PARAM, 6);
-        intent.putExtra(GetPasswordActivity.VERIFY_PASSWORD_REQUEST_PARAM, verifyPasswords);
-        super.startActivityForResult(intent, requestCode);
-    }
-
-    private boolean isSecureNoteFilePresent() {
-        return super.getFileStreamPath(FILENAME).exists();
-    }
-
-    @Override
-    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
-        switch (resultCode) {
-            case RESULT_OK:
-                this.key = (Key)data
-                        .getSerializableExtra(GetPasswordActivity.PASSWORD_RESPONSE_PARAM);
-                switch (requestCode) {
-                    case GET_PASSWORD_FOR_LOAD:
-                        this.loadSecureNote();
-                        break;
-                    case GET_PASSWORD_FOR_SAVE:
-                        this.saveSecureNote();
-                        break;
-                    case CHANGE_PASSWORD:
-                        Log.d(TAG, "Changed password (in memory)");
-                        this.toast(R.string.changed_password);
-                        this.saveButton.setEnabled(true);
-                        break;
-                }
-                break;
-            case RESULT_CANCELED:
-                Log.d(TAG, "Canceled result. Ignoring.");
-                break;
-            default:
-                Log.w(TAG, "Unexpected result: " + resultCode);
-        }
-    }
-
-    public void onClick(View v) {
-        if (v == this.loadButton) {
-            if (this.key == null) {
-                this.getPassword(GET_PASSWORD_FOR_LOAD, false);
-            } else {
-                this.loadSecureNote();
-            }
-        } else if (v == this.saveButton) {
-            if (this.key == null) {
-                this.getPassword(GET_PASSWORD_FOR_SAVE, true);
-            } else {
-                this.saveSecureNote();
-            }
-        } else if (v == this.closeButton) {
-            Log.d(TAG, "Closing...");
-            if (this.saveButton.isEnabled()) {
-                new AlertDialog.Builder(this)
-                        .setMessage(R.string.close_alert)
-                        .setCancelable(false)
-                        .setPositiveButton(android.R.string.yes,
-                                new DialogInterface.OnClickListener() {
-                                    public void onClick(DialogInterface dialog, int id) {
-                                        SecureNoteActivity.this.finish();
-                                    }
-                                }).setNegativeButton(android.R.string.no, null).show();
-            } else {
-                super.finish();
-            }
-        }
-    }
-
-    @Override
-    protected void onDestroy() {
-        super.onDestroy();
-        this.key = null;
-        this.noteText.getText().clear();
-        this.noteText = null;
-        System.exit(0);
-    }
-
-    private void deleteSecureNote() {
-        Log.d(TAG, "Deleteting note");
-        if (super.getFileStreamPath(FILENAME).delete()) {
-            this.key = null;
-            this.noteText.getText().clear();
-            this.loadButton.setVisibility(View.GONE);
-            this.saveButton.setVisibility(View.VISIBLE);
-            this.saveButton.setEnabled(false);
-            this.noteText.setEnabled(true);
-            this.toast(R.string.deleted_note);
-            Log.d(TAG, "Deleted note");
-        } else {
-            this.toast(R.string.failed_to_delete);
-            Log.e(TAG, "Failed to delete note");
-        }
-    }
-
-    private void saveSecureNote() {
-        Log.d(TAG, "Saving note");
-        new AsyncTask<String, Void, Boolean>() {
-
-            @Override
-            protected Boolean doInBackground(String... strings) {
-                try {
-                    OutputStream out = SecureNoteActivity.super.openFileOutput(FILENAME,
-                            MODE_PRIVATE);
-                    try {
-                        Cipher cipher = CryptUtil.getEncryptCipher(SecureNoteActivity.this.key);
-                        byte[] iv = CryptUtil.getIv(cipher);
-                        out.write(iv);
-                        out = new CipherOutputStream(out, cipher);
-                        Writer writer = new OutputStreamWriter(out, CHARSET);
-                        for (String string : strings) {
-                            writer.write(string);
-                        }
-                        writer.flush();
-                    } finally {
-                        out.close();
-                    }
-                    Log.d(TAG, "Saved note to " + FILENAME);
-                    return true;
-                } catch (Exception e) {
-                    Log.e(TAG, "Failed to save note to " + FILENAME, e);
-                    SecureNoteActivity.super.getFileStreamPath(FILENAME).delete();
-                    return false;
-                }
-            }
-
-            @Override
-            protected void onPostExecute(Boolean result) {
-                if (result) {
-                    SecureNoteActivity.this.toast(R.string.saved_note);
-                    SecureNoteActivity.this.saveButton.setEnabled(false);
-                } else {
-                    SecureNoteActivity.this.toast(R.string.failed_to_save);
-                }
-            }
-
-        }.execute(this.noteText.getText().toString());
-    }
-
-    private void loadSecureNote() {
-        Log.d(TAG, "Loading note...");
-        new AsyncTask<Void, Void, String>() {
-            @Override
-            protected String doInBackground(Void... params) {
-                try {
-                    InputStream in = SecureNoteActivity.super.openFileInput(FILENAME);
-                    try {
-                        byte[] iv = CryptUtil.getIv(in);
-                        Cipher cipher = CryptUtil.getDecryptCipher(SecureNoteActivity.this.key, iv);
-                        in = new CipherInputStream(in, cipher);
-                        Reader reader = new InputStreamReader(in, CHARSET);
-                        StringBuilder out = new StringBuilder(1024);
-                        CharBuffer buffer = CharBuffer.allocate(64);
-                        for (int n; (n = reader.read(buffer)) != -1;) {
-                            buffer.flip();
-                            out.append(buffer, 0, n);
-                        }
-                        Log.d(TAG, "Loaded note from " + FILENAME);
-                        return out.toString();
-                    } finally {
-                        in.close();
-                    }
-                } catch (Exception e) {
-                    Log.e(TAG, "Failed to load note from " + FILENAME, e);
-                    return null;
-                }
-            }
-
-            @Override
-            protected void onPostExecute(String result) {
-                if (result == null) {
-                    SecureNoteActivity.this.toast(R.string.failed_to_load);
-                } else {
-                    SecureNoteActivity.this.noteText.setText(result);
-                    SecureNoteActivity.this.toast(R.string.loaded_note);
-                    SecureNoteActivity.this.loadButton.setVisibility(View.GONE);
-                    SecureNoteActivity.this.saveButton.setVisibility(View.VISIBLE);
-                    SecureNoteActivity.this.saveButton.setEnabled(false);
-                    SecureNoteActivity.this.noteText.setEnabled(true);
-                }
-            }
-        }.execute();
-    }
-
-    private void toast(int resId) {
-        Toast.makeText(this, resId, Toast.LENGTH_LONG).show();
-    }
-
-    public void afterTextChanged(Editable e) {
-        this.saveButton.setEnabled(true);
-    }
-
-    public void beforeTextChanged(CharSequence arg0, int arg1, int arg2, int arg3) {
-        // ignored
-    }
-
-    public void onTextChanged(CharSequence arg0, int arg1, int arg2, int arg3) {
-        // ignored
-
-    }
-}

From 301e571ca9bbafd995e1c59d0a76d5e85ddd95f1 Mon Sep 17 00:00:00 2001
From: Dave Smith <smith@wiresareobsolete.com>
Date: Fri, 22 May 2015 08:18:41 -0600
Subject: [PATCH 02/14] Code cleanup.

---
 app/src/main/AndroidManifest.xml              |   4 -
 .../securenote/GetPasswordActivity.java       | 107 -------------
 .../android/securenote/GetPasswordDialog.java | 151 ++++++++++++++++++
 .../securenote/SecureNoteActivity.java        | 111 ++++++-------
 .../securenote/crypto/PasswordEncryptor.java  |  16 +-
 .../crypto/RSAHardwareEncryptor.java          |  27 +++-
 app/src/main/res/layout/secure_note.xml       |   3 +-
 app/src/main/res/values/strings.xml           |  19 +--
 8 files changed, 236 insertions(+), 202 deletions(-)
 delete mode 100644 app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
 create mode 100644 app/src/main/java/com/example/android/securenote/GetPasswordDialog.java

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 0800f33..3aeb86d 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -11,9 +11,5 @@
 				<category android:name="android.intent.category.LAUNCHER" />
 			</intent-filter>
 		</activity>
-		<activity android:name=".GetPasswordActivity"
-			android:label="@string/get_password_label"
-			android:theme="@android:style/Theme.Holo.Dialog"
-			android:exported="false" />
 	</application>
 </manifest>
\ No newline at end of file
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordActivity.java b/app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
deleted file mode 100644
index ebfe3d3..0000000
--- a/app/src/main/java/com/example/android/securenote/GetPasswordActivity.java
+++ /dev/null
@@ -1,107 +0,0 @@
-
-package com.example.android.securenote;
-
-import java.security.NoSuchAlgorithmException;
-
-import android.app.Activity;
-import android.content.Intent;
-import android.os.Bundle;
-import android.text.Editable;
-import android.text.TextWatcher;
-import android.util.Log;
-import android.view.View;
-import android.view.View.OnClickListener;
-import android.widget.Button;
-import android.widget.EditText;
-
-public class GetPasswordActivity extends Activity implements
-        OnClickListener, TextWatcher {
-    private static final String TAG = GetPasswordActivity.class.getSimpleName();
-
-    public static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
-    public static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
-    public static final String PASSWORD_RESPONSE_PARAM = "password";
-
-    private EditText password;
-    private EditText passwordVerification;
-    private Button ok;
-    private Button cancel;
-    private int minPasswordLength;
-
-    @Override
-    protected void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-        super.setContentView(R.layout.get_password);
-        this.password = (EditText)super.findViewById(R.id.password_text);
-        this.passwordVerification = (EditText)super.findViewById(R.id.password_verification_text);
-        this.ok = (Button)super.findViewById(R.id.ok_button);
-        this.cancel = (Button)super.findViewById(R.id.cancel_button);
-        this.ok.setOnClickListener(this);
-        this.cancel.setOnClickListener(this);
-
-        Intent request = super.getIntent();
-        boolean verifyPassword = request.getBooleanExtra(VERIFY_PASSWORD_REQUEST_PARAM, true);
-        if (verifyPassword) {
-            this.ok.setEnabled(false);
-            this.minPasswordLength = request.getIntExtra(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
-            if (minPasswordLength > 0) {
-                this.password.setHint(super.getString(R.string.password_hint_min_length,
-                        this.minPasswordLength));
-            }
-            this.password.addTextChangedListener(this);
-            this.passwordVerification.addTextChangedListener(this);
-        } else {
-            this.passwordVerification.setVisibility(View.GONE);
-        }
-    }
-
-    @Override
-    protected void onPause() {
-        super.onPause();
-        this.password.getText().clear();
-        this.passwordVerification.getText().clear();
-        Log.d(TAG, "Cleared password fields");
-    }
-
-    public void onClick(View v) {
-        if (v == this.ok) {
-            Intent reply = new Intent();
-            String password = this.password.getText().toString();
-            reply.putExtra(PASSWORD_RESPONSE_PARAM, password);
-            super.setResult(RESULT_OK, reply);
-        } else if (v == this.cancel) {
-            super.setResult(RESULT_CANCELED);
-        }
-        // the passwords will be cleared during onPause()
-        super.finish();
-    }
-
-    public void afterTextChanged(Editable s) {
-        if (this.password.length() < this.minPasswordLength) {
-            Log.d(TAG, "Password too short");
-            this.ok.setEnabled(false);
-        } else if (this.password.length() != this.passwordVerification.length()) {
-            Log.d(TAG, "Passwords' length differs");
-            this.ok.setEnabled(false);
-        } else {
-            for (int i = 0; i < this.password.getText().length(); i++) {
-                if (this.password.getText().charAt(i) != this.passwordVerification.getText()
-                        .charAt(i)) {
-                    Log.d(TAG, "Passwords differ");
-                    this.ok.setEnabled(false);
-                    return;
-                }
-            }
-            Log.d(TAG, "Passwords are the same");
-            this.ok.setEnabled(true);
-        }
-    }
-
-    public void beforeTextChanged(CharSequence s, int start, int count, int after) {
-        // ignored
-    }
-
-    public void onTextChanged(CharSequence s, int start, int before, int count) {
-        // ignored
-    }
-}
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
new file mode 100644
index 0000000..9d77b43
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
@@ -0,0 +1,151 @@
+
+package com.example.android.securenote;
+
+import android.app.Activity;
+import android.app.DialogFragment;
+import android.os.Bundle;
+import android.text.Editable;
+import android.text.TextWatcher;
+import android.util.Log;
+import android.view.LayoutInflater;
+import android.view.View;
+import android.view.View.OnClickListener;
+import android.view.ViewGroup;
+import android.widget.Button;
+import android.widget.EditText;
+
+public class GetPasswordDialog extends DialogFragment implements
+        OnClickListener, TextWatcher {
+    private static final String TAG = GetPasswordDialog.class.getSimpleName();
+
+    public static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
+    public static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
+    public static final String REQUEST_PARAM = "requestType";
+
+    public static GetPasswordDialog newInstance(int requestType,
+                                                int minPasswordLength,
+                                                boolean verifyPassword) {
+        GetPasswordDialog dialog = new GetPasswordDialog();
+        Bundle args = new Bundle();
+        args.putBoolean(VERIFY_PASSWORD_REQUEST_PARAM, verifyPassword);
+        args.putInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, minPasswordLength);
+        args.putInt(REQUEST_PARAM, requestType);
+        dialog.setArguments(args);
+
+        return dialog;
+    }
+
+    public interface OnPasswordListener {
+        public void onPasswordValid(int requestType, String password);
+        public void onPasswordCancel();
+    }
+
+    private EditText mPassword;
+    private EditText mPasswordVerification;
+    private Button mOkButton;
+    private int mMinPasswordLength;
+
+    private OnPasswordListener mPasswordListener;
+
+    @Override
+    public void onAttach(Activity activity) {
+        super.onAttach(activity);
+        try {
+            mPasswordListener = (OnPasswordListener) activity;
+        } catch (ClassCastException e) {
+            throw new IllegalArgumentException(
+                    activity.getClass().getSimpleName()
+                            + " shoud implement OnPasswordListener");
+        }
+    }
+
+    @Override
+    public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
+        getDialog().setTitle(R.string.get_password_label);
+        View content = inflater.inflate(R.layout.get_password, container, false);
+
+        mPassword = (EditText) content.findViewById(R.id.password_text);
+        mPasswordVerification = (EditText) content.findViewById(R.id.password_verification_text);
+        mOkButton = (Button) content.findViewById(R.id.ok_button);
+
+        content.findViewById(R.id.cancel_button).setOnClickListener(this);
+        mOkButton.setOnClickListener(this);
+
+
+        return content;
+    }
+
+    @Override
+    public void onActivityCreated(Bundle savedInstanceState) {
+        super.onActivityCreated(savedInstanceState);
+        final Bundle args = getArguments();
+
+        boolean verifyPassword = args.getBoolean(VERIFY_PASSWORD_REQUEST_PARAM, true);
+        if (verifyPassword) {
+            mOkButton.setEnabled(false);
+            mMinPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
+            if (mMinPasswordLength > 0) {
+                mPassword.setHint(super.getString(R.string.password_hint_min_length,
+                        mMinPasswordLength));
+            }
+            mPassword.addTextChangedListener(this);
+            mPasswordVerification.addTextChangedListener(this);
+        } else {
+            mPasswordVerification.setVisibility(View.GONE);
+        }
+    }
+
+    @Override
+    public void onPause() {
+        super.onPause();
+        mPassword.getText().clear();
+        mPasswordVerification.getText().clear();
+        Log.d(TAG, "Cleared password fields");
+    }
+
+    public void onClick(View v) {
+        switch (v.getId()) {
+            case R.id.ok_button:
+                final int requestType = getArguments().getInt(REQUEST_PARAM);
+                final String password = mPassword.getText().toString();
+                mPasswordListener.onPasswordValid(requestType, password);
+                break;
+            case R.id.cancel_button:
+                mPasswordListener.onPasswordCancel();
+                break;
+            default:
+                throw new IllegalArgumentException("Invalid Button");
+        }
+        // the passwords will be cleared during onPause()
+        dismiss();
+    }
+
+    public void afterTextChanged(Editable s) {
+        if (mPassword.length() < mMinPasswordLength) {
+            Log.d(TAG, "Password too short");
+            mOkButton.setEnabled(false);
+        } else if (mPassword.length() != mPasswordVerification.length()) {
+            Log.d(TAG, "Passwords' length differs");
+            mOkButton.setEnabled(false);
+        } else {
+            for (int i = 0; i < mPassword.getText().length(); i++) {
+                if (mPassword.getText().charAt(i) != mPasswordVerification.getText()
+                        .charAt(i)) {
+                    Log.d(TAG, "Passwords differ");
+                    mOkButton.setEnabled(false);
+                    return;
+                }
+            }
+            Log.d(TAG, "Passwords are the same");
+            mOkButton.setEnabled(true);
+        }
+    }
+
+    public void beforeTextChanged(CharSequence s, int start, int count, int after) {
+        // ignored
+    }
+
+    public void onTextChanged(CharSequence s, int start, int before, int count) {
+        // ignored
+    }
+}
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
index fbe35ea..24a94b9 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -2,22 +2,11 @@
 package com.example.android.securenote;
 
 import java.io.InputStream;
-import java.io.InputStreamReader;
 import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.Reader;
-import java.io.Writer;
-import java.nio.CharBuffer;
-import java.security.Key;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
 
 import android.app.Activity;
 import android.app.AlertDialog;
 import android.content.DialogInterface;
-import android.content.Intent;
 import android.os.AsyncTask;
 import android.os.Bundle;
 import android.text.Editable;
@@ -37,43 +26,40 @@
 import com.example.android.securenote.crypto.RSAHardwareEncryptor;
 
 public class SecureNoteActivity extends Activity implements
-        OnClickListener, TextWatcher {
+        OnClickListener, TextWatcher, GetPasswordDialog.OnPasswordListener {
     private static final String TAG = SecureNoteActivity.class.getSimpleName();
 
-    private static final String PASSWORD_KEY = "password";
-    private static final String CHARSET = "UTF-8";
     private static final String FILENAME = "secure.note";
 
     /* Password Activity Actions */
     private static final int GET_PASSWORD_FOR_LOAD = 1;
     private static final int GET_PASSWORD_FOR_SAVE = 2;
 
-    private EditText noteText;
-    private TextView resultText;
-    private RadioGroup encryptionSelect;
-    private Button loadButton;
-    private Button saveButton;
+    private EditText mNoteText;
+    private TextView mResultText;
+    private RadioGroup mEncryptionSelect;
+    private Button mSaveButton;
 
-    private PasswordEncryptor passwordEncryptor;
-    private RSAHardwareEncryptor hardwareEncryptor;
+    private PasswordEncryptor mPasswordEncryptor;
+    private RSAHardwareEncryptor mHardwareEncryptor;
 
     @Override
     public void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.secure_note);
 
-        this.noteText = (EditText) findViewById(R.id.note_text);
-        this.resultText = (TextView) findViewById(R.id.text_result);
-        this.encryptionSelect = (RadioGroup) findViewById(R.id.type_select);
-        this.loadButton = (Button) findViewById(R.id.load_button);
-        this.saveButton = (Button) findViewById(R.id.save_button);
+        mNoteText = (EditText) findViewById(R.id.note_text);
+        mResultText = (TextView) findViewById(R.id.text_result);
+        mEncryptionSelect = (RadioGroup) findViewById(R.id.type_select);
+        mSaveButton = (Button) findViewById(R.id.save_button);
 
-        this.loadButton.setOnClickListener(this);
-        this.saveButton.setOnClickListener(this);
-        this.noteText.addTextChangedListener(this);
+        findViewById(R.id.load_button).setOnClickListener(this);
+        mSaveButton.setOnClickListener(this);
+        mNoteText.addTextChangedListener(this);
+        mNoteText.setText(null);
 
-        passwordEncryptor = new PasswordEncryptor();
-        hardwareEncryptor = new RSAHardwareEncryptor(this);
+        mPasswordEncryptor = new PasswordEncryptor();
+        mHardwareEncryptor = new RSAHardwareEncryptor(this);
     }
 
     @Override
@@ -101,7 +87,9 @@ public boolean onOptionsItemSelected(MenuItem item) {
                                     public void onClick(DialogInterface dialog, int id) {
                                         deleteSecureNote();
                                     }
-                                }).setNegativeButton(android.R.string.no, null).show();
+                                })
+                        .setNegativeButton(android.R.string.no, null)
+                        .show();
                 return true;
             default:
                 return super.onOptionsItemSelected(item);
@@ -110,11 +98,10 @@ public void onClick(DialogInterface dialog, int id) {
 
     private void getPassword(int requestCode, boolean verifyPasswords) {
         Log.d(TAG, "Getting password");
-        Intent intent = new Intent(this, GetPasswordActivity.class);
-        intent.putExtra(GetPasswordActivity.MIN_PASSWORD_LENGTH_REQUEST_PARAM, 6);
-        intent.putExtra(GetPasswordActivity.VERIFY_PASSWORD_REQUEST_PARAM, verifyPasswords);
-
-        startActivityForResult(intent, requestCode);
+        GetPasswordDialog dialog = GetPasswordDialog.newInstance(requestCode,
+                6, verifyPasswords);
+        dialog.show(getFragmentManager(),
+                GetPasswordDialog.class.getSimpleName());
     }
 
     private boolean isSecureNoteFilePresent() {
@@ -122,30 +109,24 @@ private boolean isSecureNoteFilePresent() {
     }
 
     @Override
-    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
-        switch (resultCode) {
-            case RESULT_OK:
-                String passkey = data.getStringExtra(
-                        GetPasswordActivity.PASSWORD_RESPONSE_PARAM);
-                switch (requestCode) {
-                    case GET_PASSWORD_FOR_LOAD:
-                        this.loadSecureNote(passkey);
-                        break;
-                    case GET_PASSWORD_FOR_SAVE:
-                        this.saveSecureNote(passkey);
-                        break;
-                }
+    public void onPasswordValid(int requestType, String password) {
+        switch (requestType) {
+            case GET_PASSWORD_FOR_LOAD:
+                this.loadSecureNote(password);
                 break;
-            case RESULT_CANCELED:
-                Log.d(TAG, "Canceled result. Ignoring.");
+            case GET_PASSWORD_FOR_SAVE:
+                this.saveSecureNote(password);
                 break;
-            default:
-                Log.w(TAG, "Unexpected result: " + resultCode);
         }
     }
 
+    @Override
+    public void onPasswordCancel() {
+        Log.d(TAG, "Canceled result. Ignoring.");
+    }
+
     public void onClick(View v) {
-        int encryptionType = this.encryptionSelect.getCheckedRadioButtonId();
+        int encryptionType = mEncryptionSelect.getCheckedRadioButtonId();
         switch (v.getId()) {
             case R.id.load_button:
                 if (encryptionType == R.id.type_password) {
@@ -169,7 +150,7 @@ public void onClick(View v) {
     @Override
     protected void onDestroy() {
         super.onDestroy();
-        this.noteText.getText().clear();
+        mNoteText.getText().clear();
     }
 
     private void deleteSecureNote() {
@@ -191,11 +172,11 @@ private void saveSecureNote(final String passkey) {
             protected Boolean doInBackground(String... strings) {
                 try {
                     OutputStream out = openFileOutput(FILENAME, MODE_PRIVATE);
-                    String note = strings[0];
+                    byte[] noteData = strings[0].getBytes();
                     if (passkey == null) {
-                        hardwareEncryptor.encryptData(note.getBytes(), out);
+                        mHardwareEncryptor.encryptData(noteData, out);
                     } else {
-                        passwordEncryptor.encryptData(passkey, note.getBytes(), out);
+                        mPasswordEncryptor.encryptData(passkey, noteData, out);
                     }
                     Log.d(TAG, "Saved note to " + FILENAME);
 
@@ -210,14 +191,14 @@ protected Boolean doInBackground(String... strings) {
             @Override
             protected void onPostExecute(Boolean result) {
                 if (result) {
-                    SecureNoteActivity.this.noteText.getText().clear();
+                    mNoteText.getText().clear();
                     toast(R.string.saved_note);
                 } else {
                     toast(R.string.failed_to_save);
                 }
             }
 
-        }.execute(this.noteText.getText().toString());
+        }.execute(mNoteText.getText().toString());
     }
 
     private void loadSecureNote(final String passkey) {
@@ -229,9 +210,9 @@ protected String doInBackground(Void... params) {
                     InputStream in = openFileInput(FILENAME);
                     byte[] decrypted;
                     if (passkey == null) {
-                        decrypted = hardwareEncryptor.decryptData(in);
+                        decrypted = mHardwareEncryptor.decryptData(in);
                     } else {
-                        decrypted = passwordEncryptor.decryptData(passkey, in);
+                        decrypted = mPasswordEncryptor.decryptData(passkey, in);
                     }
                     Log.d(TAG, "Loaded note from " + FILENAME);
                     return new String(decrypted);
@@ -246,7 +227,7 @@ protected void onPostExecute(String result) {
                 if (result == null) {
                     toast(R.string.failed_to_load);
                 } else {
-                    SecureNoteActivity.this.resultText.setText(result);
+                    mResultText.setText(result);
                     toast(R.string.loaded_note);
                 }
             }
@@ -258,7 +239,7 @@ private void toast(int resId) {
     }
 
     public void afterTextChanged(Editable s) {
-        this.saveButton.setEnabled(true);
+        mSaveButton.setEnabled(s.length() != 0);
     }
 
     @Override
diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
index 18e4555..e54726e 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
@@ -42,8 +42,10 @@ public PasswordEncryptor() {
      * Return a cipher text blob of encrypted data, Base64 encoded.
      *
      * @throws GeneralSecurityException
+     * @throws IOException
      */
-    public void encryptData(String passphrase, byte[] data, OutputStream out) throws GeneralSecurityException, IOException {
+    public void encryptData(String passphrase, byte[] data, OutputStream out) throws
+            GeneralSecurityException, IOException {
         Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
 
         byte[] salt = new byte[SALT_LENGTH];
@@ -76,7 +78,8 @@ public void encryptData(String passphrase, byte[] data, OutputStream out) throws
      * @throws GeneralSecurityException
      * @throws IOException
      */
-    public byte[] decryptData(String passphrase, InputStream in) throws GeneralSecurityException, IOException {
+    public byte[] decryptData(String passphrase, InputStream in) throws
+            GeneralSecurityException, IOException {
         //Unpack cipherText
         String cipherText = readFile(in);
         String[] fields = cipherText.split(DELIMITER);
@@ -96,14 +99,17 @@ public byte[] decryptData(String passphrase, InputStream in) throws GeneralSecur
         return cipher.doFinal(encrypted);
     }
 
-    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException {
+    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws
+            NoSuchAlgorithmException, InvalidKeySpecException {
         // Number of PBKDF2 hardening rounds to use. Larger values increase
         // computation time. You should select a value that causes computation
         // to take >100ms.
         final int iterations = 1000;
 
-        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
-        KeySpec keySpec = new PBEKeySpec(passphraseOrPin, salt, iterations, KEY_LENGTH);
+        SecretKeyFactory secretKeyFactory =
+                SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+        KeySpec keySpec =
+                new PBEKeySpec(passphraseOrPin, salt, iterations, KEY_LENGTH);
         byte[] keyBytes = secretKeyFactory.generateSecret(keySpec).getEncoded();
         return new SecretKeySpec(keyBytes, "AES");
     }
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
index 26c3c7a..05ed674 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
@@ -66,7 +66,14 @@ public RSAHardwareEncryptor(Context context) {
         }
     }
 
-    public void encryptData(byte[] data, OutputStream out) throws GeneralSecurityException, IOException {
+    /**
+     * Return a cipher text blob of encrypted data, Base64 encoded.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    public void encryptData(byte[] data, OutputStream out) throws
+            GeneralSecurityException, IOException {
         Key key = retrievePublicKey();
         Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
         cipher.init(Cipher.ENCRYPT_MODE, key);
@@ -84,7 +91,14 @@ public void encryptData(byte[] data, OutputStream out) throws GeneralSecurityExc
         }
     }
 
-    public byte[] decryptData(InputStream in) throws GeneralSecurityException, IOException {
+    /**
+     * Return decrypted data from the received cipher text blob.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    public byte[] decryptData(InputStream in) throws
+            GeneralSecurityException, IOException {
         Key key = retrievePrivateKey();
         Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
         cipher.init(Cipher.DECRYPT_MODE, key);
@@ -97,7 +111,8 @@ public byte[] decryptData(InputStream in) throws GeneralSecurityException, IOExc
         return readFile(in).getBytes();
     }
 
-    public Key retrievePublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
+    public Key retrievePublicKey() throws
+            NoSuchAlgorithmException, InvalidKeySpecException {
         String encodedKey = mPublicKeyStore.getString(KEY_PUBLIC, null);
         if (encodedKey == null) {
             throw new RuntimeException("Expected valid public key!");
@@ -108,7 +123,8 @@ public Key retrievePublicKey() throws NoSuchAlgorithmException, InvalidKeySpecEx
                         .generatePublic(new X509EncodedKeySpec(publicKey));
     }
 
-    public Key retrievePrivateKey() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException {
+    public Key retrievePrivateKey() throws
+            GeneralSecurityException, IOException {
         KeyStore ks = KeyStore.getInstance(PROVIDER_NAME);
         ks.load(null);
         KeyStore.Entry entry = ks.getEntry(KEY_ALIAS, null);
@@ -120,7 +136,8 @@ public Key retrievePrivateKey() throws KeyStoreException, CertificateException,
         return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
     }
 
-    private void generatePrivateKey(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+    private void generatePrivateKey(Context context) throws
+            GeneralSecurityException {
         Calendar cal = Calendar.getInstance();
         Date now = cal.getTime();
         cal.add(Calendar.YEAR, 1);
diff --git a/app/src/main/res/layout/secure_note.xml b/app/src/main/res/layout/secure_note.xml
index ba78038..0e96395 100644
--- a/app/src/main/res/layout/secure_note.xml
+++ b/app/src/main/res/layout/secure_note.xml
@@ -35,7 +35,8 @@
             android:layout_width="0dp"
             android:layout_height="wrap_content"
             android:layout_weight="1"
-            android:text="Password-Based"/>
+            android:text="Password-Based"
+            android:checked="true"/>
         <RadioButton
             android:id="@+id/type_key"
             android:layout_width="0dp"
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 60ccb49..55aafe3 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -4,17 +4,11 @@
 	<string name="loaded_note">Loaded your note.</string>
 	<string name="failed_to_save">Failed to save your note.</string>
 	<string name="saved_note">Saved your note.</string>
-	<string name="changed_password">Save your note to apply your new password.</string>
 	<string name="app_name">Secure Note</string>
 	<string name="secure_note_title">Secure Note</string>
-	<string name="secure_note_warning">Unless you close this application, your secure note
-		may be available in the background.</string>
-	<string name="note_text_hint">The text you enter here will be stored securely
-	</string>
+	<string name="note_text_hint">Tell me a secret</string>
 	<string name="load_button">Load</string>
-	<string name="change_password_button">Change Password</string>
 	<string name="save_button">Save</string>
-	<string name="close_button">Close</string>
 	<string name="ok_button">OK</string>
 	<string name="cancel_button">Cancel</string>
 	<string name="get_password_label">Enter your password</string>
@@ -22,12 +16,7 @@
 	<string name="password_hint_min_length">Password (min %d chars)</string>
 	<string name="password_verification_hint">Password verification</string>
 	<string name="delete_button">Delete</string>
-	<string name="delete_alert">Are you sure you wish to delete your secure note
-		and reset your password?</string>
-	<string name="deleted_note">
-		Deleted your note and reset your password</string>
-	<string name="failed_to_delete">Failed to delete your note and reset your passwod
-	</string>
-	<string name="close_alert">Your secure note has not been saved. Are you sure
-		you wish to close and discard your changes?</string>
+	<string name="delete_alert">Are you sure you wish to delete?</string>
+	<string name="deleted_note">Deleted your note</string>
+	<string name="failed_to_delete">Failed to delete your note</string>
 </resources>

From 1c2dee551b1a7fa64c07dd73d2b6ac7b45c82601 Mon Sep 17 00:00:00 2001
From: Dave Smith <smith@wiresareobsolete.com>
Date: Fri, 22 May 2015 09:05:52 -0600
Subject: [PATCH 03/14] Initial lab setup.

---
 .../securenote/crypto/PasswordEncryptor.java  |  92 +++++-------
 .../crypto/RSAHardwareEncryptor.java          | 131 +++++++++---------
 2 files changed, 101 insertions(+), 122 deletions(-)

diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
index e54726e..7e7e876 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
@@ -29,6 +29,9 @@ public class PasswordEncryptor {
     private static final String ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding";
     private static final int KEY_LENGTH = 256;
     private static final int SALT_LENGTH = KEY_LENGTH / 8;
+
+    //Delimiter should be used between components of the ciphertext
+    // We chose '&' because is not part of the Base64 character set
     private static final String DELIMITER = "&";
 
     private SecureRandom mSecureRandom;
@@ -38,6 +41,22 @@ public PasswordEncryptor() {
         mSecureRandom = new SecureRandom();
     }
 
+    /**
+     * Create a new symmetric key used in both encryption and decryption
+     *
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     */
+    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws
+            NoSuchAlgorithmException, InvalidKeySpecException {
+        /*
+         * TODO: Encryption Lab:
+         * Generate a new key from the supplied password+salt using AES.
+         * Use KEY_LENGTH for the length of the generated key.
+         */
+        return null;
+    }
+
     /**
      * Return a cipher text blob of encrypted data, Base64 encoded.
      *
@@ -46,30 +65,15 @@ public PasswordEncryptor() {
      */
     public void encryptData(String passphrase, byte[] data, OutputStream out) throws
             GeneralSecurityException, IOException {
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-
-        byte[] salt = new byte[SALT_LENGTH];
-        mSecureRandom.nextBytes(salt);
-
-        byte[] iv = new byte[cipher.getBlockSize()];
-        mSecureRandom.nextBytes(iv);
-
-        Key key = generateSecretKey(passphrase.toCharArray(), salt);
-        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
-
-        //Pack the result in a cipher text blob
-        final byte[] encrypted = cipher.doFinal(data);
-        try {
-            out.write(Base64.encode(salt, Base64.NO_WRAP));
-            out.write(DELIMITER.getBytes());
-            out.write(Base64.encode(iv, Base64.NO_WRAP));
-            out.write(DELIMITER.getBytes());
-            out.write(Base64.encode(encrypted, Base64.NO_WRAP));
-
-            out.flush();
-        } finally {
-            out.close();
-        }
+        /*
+         * TODO: Encryption Lab:
+         * Use SecureRandom to generate a new salt, length=SALT_LENGTH
+         * Use SecureRandom to generate a new iv, length=getBlockSize()
+         * Create and use a cipher to encrypt the incoming data (ENCRYPTION_ALGORITHM is already set).
+         * Pack and write all three (salt,iv,encrypted) as a ciphertext blob to the provided stream.
+         * - Each item should have a DELIMITER between it
+         * Don't forget to Base64 encode everything you write to the file
+         */
     }
 
     /**
@@ -80,40 +84,16 @@ public void encryptData(String passphrase, byte[] data, OutputStream out) throws
      */
     public byte[] decryptData(String passphrase, InputStream in) throws
             GeneralSecurityException, IOException {
-        //Unpack cipherText
-        String cipherText = readFile(in);
-        String[] fields = cipherText.split(DELIMITER);
-        if (fields.length != 3) {
-            throw new IllegalArgumentException("Not a valid cipher text blob");
-        }
-
-        final byte[] salt = Base64.decode(fields[0], Base64.NO_WRAP);
-        final byte[] iv = Base64.decode(fields[1], Base64.NO_WRAP);
-        final byte[] encrypted = Base64.decode(fields[2], Base64.NO_WRAP);
-
-        Key key = generateSecretKey(passphrase.toCharArray(), salt);
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-
-        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
-
-        return cipher.doFinal(encrypted);
-    }
-
-    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws
-            NoSuchAlgorithmException, InvalidKeySpecException {
-        // Number of PBKDF2 hardening rounds to use. Larger values increase
-        // computation time. You should select a value that causes computation
-        // to take >100ms.
-        final int iterations = 1000;
-
-        SecretKeyFactory secretKeyFactory =
-                SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
-        KeySpec keySpec =
-                new PBEKeySpec(passphraseOrPin, salt, iterations, KEY_LENGTH);
-        byte[] keyBytes = secretKeyFactory.generateSecret(keySpec).getEncoded();
-        return new SecretKeySpec(keyBytes, "AES");
+        /*
+         * TODO: Encryption Lab:
+         * Parse the ciphertext blob and unpack the stored iv, salt, and encrypted contents.
+         * Construct and use a Cipher to decrypt the data.
+         * Return the decrypted bytes.
+         */
+        return null;
     }
 
+    /* Helper method to parse a file stream into memory */
     private String readFile(InputStream in) throws IOException {
         InputStreamReader reader = new InputStreamReader(in);
         StringBuilder sb = new StringBuilder();
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
index 05ed674..c62a08d 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
@@ -46,9 +46,12 @@ public class RSAHardwareEncryptor {
     private static final String KEY_ALGORITHM = "RSA";
     private static final String ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
 
+    //Preferences alias for the public key
     private static final String KEY_PUBLIC = "publickey";
+    //KeyStore alias for the private key
     private static final String KEY_ALIAS = "secureKeyAlias";
 
+    //Persistent location where we will save the public key
     private SharedPreferences mPublicKeyStore;
 
     public RSAHardwareEncryptor(Context context) {
@@ -67,75 +70,11 @@ public RSAHardwareEncryptor(Context context) {
     }
 
     /**
-     * Return a cipher text blob of encrypted data, Base64 encoded.
-     *
-     * @throws GeneralSecurityException
-     * @throws IOException
-     */
-    public void encryptData(byte[] data, OutputStream out) throws
-            GeneralSecurityException, IOException {
-        Key key = retrievePublicKey();
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-        cipher.init(Cipher.ENCRYPT_MODE, key);
-
-        //Encode output to file
-        out = new Base64OutputStream(out, Base64.NO_WRAP);
-        //Encrypt output to encoder
-        out = new CipherOutputStream(out, cipher);
-
-        try {
-            out.write(data);
-            out.flush();
-        } finally {
-            out.close();
-        }
-    }
-
-    /**
-     * Return decrypted data from the received cipher text blob.
+     * Create a self-signed certificate and private key in hardware storage.
+     * Persist the (non-secret) public key into SharedPreferences.
      *
      * @throws GeneralSecurityException
-     * @throws IOException
      */
-    public byte[] decryptData(InputStream in) throws
-            GeneralSecurityException, IOException {
-        Key key = retrievePrivateKey();
-        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
-        cipher.init(Cipher.DECRYPT_MODE, key);
-
-        //Decode input from file
-        in = new Base64InputStream(in, Base64.NO_WRAP);
-        //Decrypt input from decoder
-        in = new CipherInputStream(in, cipher);
-
-        return readFile(in).getBytes();
-    }
-
-    public Key retrievePublicKey() throws
-            NoSuchAlgorithmException, InvalidKeySpecException {
-        String encodedKey = mPublicKeyStore.getString(KEY_PUBLIC, null);
-        if (encodedKey == null) {
-            throw new RuntimeException("Expected valid public key!");
-        }
-
-        byte[] publicKey = Base64.decode(encodedKey, Base64.NO_WRAP);
-        return KeyFactory.getInstance(KEY_ALGORITHM)
-                        .generatePublic(new X509EncodedKeySpec(publicKey));
-    }
-
-    public Key retrievePrivateKey() throws
-            GeneralSecurityException, IOException {
-        KeyStore ks = KeyStore.getInstance(PROVIDER_NAME);
-        ks.load(null);
-        KeyStore.Entry entry = ks.getEntry(KEY_ALIAS, null);
-        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
-            Log.w(TAG, "Not an instance of a PrivateKeyEntry");
-            return null;
-        }
-
-        return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
-    }
-
     private void generatePrivateKey(Context context) throws
             GeneralSecurityException {
         Calendar cal = Calendar.getInstance();
@@ -161,6 +100,66 @@ private void generatePrivateKey(Context context) throws
         mPublicKeyStore.edit().putString(KEY_PUBLIC, encodedKey).apply();
     }
 
+    /**
+     * Return a cipher text blob of encrypted data, Base64 encoded.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    public void encryptData(byte[] data, OutputStream out) throws
+            GeneralSecurityException, IOException {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain the public key for encryption
+         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
+         * Wrap the supplied stream in another provides Base64 encoding
+         * Wrap the encoding stream in another that encrypts with cipher
+         * Write the supplied data to the streams.
+         */
+    }
+
+    /**
+     * Return decrypted data from the received cipher text blob.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    public byte[] decryptData(InputStream in) throws
+            GeneralSecurityException, IOException {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain the private key for decryption
+         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
+         * Wrap the supplied stream in another parses Base64 encoding
+         * Wrap the encoding stream in another that decrypts with cipher
+         * Read the stream fully and return the decrypted bytes
+         */
+        return null;
+    }
+
+    public Key retrievePublicKey() throws
+            NoSuchAlgorithmException, InvalidKeySpecException {
+        /*
+         * TODO: Encryption Lab:
+         * Get the encoded key from SharedPreferences
+         * Decode the key (from Base64) to raw bytes
+         * Return a public key instance from the bytes using KeyFactory
+         */
+        return null;
+    }
+
+    public Key retrievePrivateKey() throws
+            GeneralSecurityException, IOException {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain an instance of AndroidKeyStore and load it
+         * Get the private key alias and return the key
+         */
+        return null;
+    }
+
+
+    /* Helper method to parse a file stream into memory */
     private String readFile(InputStream in) throws IOException {
         InputStreamReader reader = new InputStreamReader(in);
         StringBuilder sb = new StringBuilder();

From 9dcac73bcfcf39444e5cbebc33c92c9854528d4b Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Mon, 9 Apr 2018 18:56:48 +0200
Subject: [PATCH 04/14] Added support for Android-27

---
 app/build.gradle                         | 8 ++++----
 build.gradle                             | 8 +++++++-
 gradle/wrapper/gradle-wrapper.properties | 2 +-
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/app/build.gradle b/app/build.gradle
index 10af4f3..caaae0c 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,13 +1,13 @@
 apply plugin: 'com.android.application'
 
 android {
-    compileSdkVersion 22
-    buildToolsVersion "22.0.1"
+    compileSdkVersion 27
+    buildToolsVersion "27.0.3"
 
     defaultConfig {
         applicationId "com.example.android.securenote"
-        minSdkVersion 18
-        targetSdkVersion 22
+        minSdkVersion 19
+        targetSdkVersion 27
     }
 
     buildTypes {
diff --git a/build.gradle b/build.gradle
index 88d246d..be81015 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,15 +1,21 @@
 // Top-level build file where you can add configuration options common to all sub-projects/modules.
 buildscript {
     repositories {
+        google()
         jcenter()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:1.2.3'
+        classpath 'com.android.tools.build:gradle:3.1.0'
     }
 }
 
 allprojects {
     repositories {
+        google()
         jcenter()
     }
 }
+
+task clean(type: Delete) {
+    delete rootProject.buildDir
+}
\ No newline at end of file
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 0c71e76..ba9b119 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -3,4 +3,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.4-all.zip

From edf519a9c1c282650d649c514ad4fc69b9d13b57 Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Mon, 9 Apr 2018 19:01:34 +0200
Subject: [PATCH 05/14] Added support for Android-27

---
 app/build.gradle                         | 8 ++++----
 build.gradle                             | 8 +++++++-
 gradle/wrapper/gradle-wrapper.properties | 2 +-
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/app/build.gradle b/app/build.gradle
index 10af4f3..caaae0c 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,13 +1,13 @@
 apply plugin: 'com.android.application'
 
 android {
-    compileSdkVersion 22
-    buildToolsVersion "22.0.1"
+    compileSdkVersion 27
+    buildToolsVersion "27.0.3"
 
     defaultConfig {
         applicationId "com.example.android.securenote"
-        minSdkVersion 18
-        targetSdkVersion 22
+        minSdkVersion 19
+        targetSdkVersion 27
     }
 
     buildTypes {
diff --git a/build.gradle b/build.gradle
index 88d246d..be81015 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,15 +1,21 @@
 // Top-level build file where you can add configuration options common to all sub-projects/modules.
 buildscript {
     repositories {
+        google()
         jcenter()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:1.2.3'
+        classpath 'com.android.tools.build:gradle:3.1.0'
     }
 }
 
 allprojects {
     repositories {
+        google()
         jcenter()
     }
 }
+
+task clean(type: Delete) {
+    delete rootProject.buildDir
+}
\ No newline at end of file
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 0c71e76..ba9b119 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -3,4 +3,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.4-all.zip

From 00cc735b39dabd582efc95e9c7ad7649c05e288e Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Tue, 17 Apr 2018 19:13:43 -0700
Subject: [PATCH 06/14] Added slides

---
 Module_Secure_Storage.html        | 3611 +++++++++++++++++++
 Module_Secure_Storage_Slides.html | 5535 +++++++++++++++++++++++++++++
 2 files changed, 9146 insertions(+)
 create mode 100644 Module_Secure_Storage.html
 create mode 100644 Module_Secure_Storage_Slides.html

diff --git a/Module_Secure_Storage.html b/Module_Secure_Storage.html
new file mode 100644
index 0000000..6afd50f
--- /dev/null
+++ b/Module_Secure_Storage.html
@@ -0,0 +1,3611 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<meta name="generator" content="AsciiDoc 8.6.8">
+<title>Secure Application Storage</title>
+<style type="text/css">
+/* Shared CSS for AsciiDoc xhtml11 and html5 backends */
+
+/* Default font. */
+body {
+  font-family: Georgia,serif;
+}
+
+/* Title font. */
+h1, h2, h3, h4, h5, h6,
+div.title, caption.title,
+thead, p.table.header,
+#toctitle,
+#author, #revnumber, #revdate, #revremark,
+#footer {
+  font-family: Arial,Helvetica,sans-serif;
+}
+
+body {
+  margin: 1em 5% 1em 5%;
+}
+
+a {
+  color: blue;
+  text-decoration: underline;
+}
+a:visited {
+  color: fuchsia;
+}
+
+em {
+  font-style: italic;
+  color: navy;
+}
+
+strong {
+  font-weight: bold;
+  color: #083194;
+}
+
+h1, h2, h3, h4, h5, h6 {
+  color: #527bbd;
+  margin-top: 1.2em;
+  margin-bottom: 0.5em;
+  line-height: 1.3;
+}
+
+h1, h2, h3 {
+  border-bottom: 2px solid silver;
+}
+h2 {
+  padding-top: 0.5em;
+}
+h3 {
+  float: left;
+}
+h3 + * {
+  clear: left;
+}
+h5 {
+  font-size: 1.0em;
+}
+
+div.sectionbody {
+  margin-left: 0;
+}
+
+hr {
+  border: 1px solid silver;
+}
+
+p {
+  margin-top: 0.5em;
+  margin-bottom: 0.5em;
+}
+
+ul, ol, li > p {
+  margin-top: 0;
+}
+ul > li     { color: #aaa; }
+ul > li > * { color: black; }
+
+.monospaced, code, pre {
+  font-family: "Courier New", Courier, monospace;
+  font-size: inherit;
+  color: navy;
+  padding: 0;
+  margin: 0;
+}
+
+
+#author {
+  color: #527bbd;
+  font-weight: bold;
+  font-size: 1.1em;
+}
+#email {
+}
+#revnumber, #revdate, #revremark {
+}
+
+#footer {
+  font-size: small;
+  border-top: 2px solid silver;
+  padding-top: 0.5em;
+  margin-top: 4.0em;
+}
+#footer-text {
+  float: left;
+  padding-bottom: 0.5em;
+}
+#footer-badges {
+  float: right;
+  padding-bottom: 0.5em;
+}
+
+#preamble {
+  margin-top: 1.5em;
+  margin-bottom: 1.5em;
+}
+div.imageblock, div.exampleblock, div.verseblock,
+div.quoteblock, div.literalblock, div.listingblock, div.sidebarblock,
+div.admonitionblock {
+  margin-top: 1.0em;
+  margin-bottom: 1.5em;
+}
+div.admonitionblock {
+  margin-top: 2.0em;
+  margin-bottom: 2.0em;
+  margin-right: 10%;
+  color: #606060;
+}
+
+div.content { /* Block element content. */
+  padding: 0;
+}
+
+/* Block element titles. */
+div.title, caption.title {
+  color: #527bbd;
+  font-weight: bold;
+  text-align: left;
+  margin-top: 1.0em;
+  margin-bottom: 0.5em;
+}
+div.title + * {
+  margin-top: 0;
+}
+
+td div.title:first-child {
+  margin-top: 0.0em;
+}
+div.content div.title:first-child {
+  margin-top: 0.0em;
+}
+div.content + div.title {
+  margin-top: 0.0em;
+}
+
+div.sidebarblock > div.content {
+  background: #ffffee;
+  border: 1px solid #dddddd;
+  border-left: 4px solid #f0f0f0;
+  padding: 0.5em;
+}
+
+div.listingblock > div.content {
+  border: 1px solid #dddddd;
+  border-left: 5px solid #f0f0f0;
+  background: #f8f8f8;
+  padding: 0.5em;
+}
+
+div.quoteblock, div.verseblock {
+  padding-left: 1.0em;
+  margin-left: 1.0em;
+  margin-right: 10%;
+  border-left: 5px solid #f0f0f0;
+  color: #888;
+}
+
+div.quoteblock > div.attribution {
+  padding-top: 0.5em;
+  text-align: right;
+}
+
+div.verseblock > pre.content {
+  font-family: inherit;
+  font-size: inherit;
+}
+div.verseblock > div.attribution {
+  padding-top: 0.75em;
+  text-align: left;
+}
+/* DEPRECATED: Pre version 8.2.7 verse style literal block. */
+div.verseblock + div.attribution {
+  text-align: left;
+}
+
+div.admonitionblock .icon {
+  vertical-align: top;
+  font-size: 1.1em;
+  font-weight: bold;
+  text-decoration: underline;
+  color: #527bbd;
+  padding-right: 0.5em;
+}
+div.admonitionblock td.content {
+  padding-left: 0.5em;
+  border-left: 3px solid #dddddd;
+}
+
+div.exampleblock > div.content {
+  border-left: 3px solid #dddddd;
+  padding-left: 0.5em;
+}
+
+div.imageblock div.content { padding-left: 0; }
+span.image img { border-style: none; }
+a.image:visited { color: white; }
+
+dl {
+  margin-top: 0.8em;
+  margin-bottom: 0.8em;
+}
+dt {
+  margin-top: 0.5em;
+  margin-bottom: 0;
+  font-style: normal;
+  color: navy;
+}
+dd > *:first-child {
+  margin-top: 0.1em;
+}
+
+ul, ol {
+    list-style-position: outside;
+}
+ol.arabic {
+  list-style-type: decimal;
+}
+ol.loweralpha {
+  list-style-type: lower-alpha;
+}
+ol.upperalpha {
+  list-style-type: upper-alpha;
+}
+ol.lowerroman {
+  list-style-type: lower-roman;
+}
+ol.upperroman {
+  list-style-type: upper-roman;
+}
+
+div.compact ul, div.compact ol,
+div.compact p, div.compact p,
+div.compact div, div.compact div {
+  margin-top: 0.1em;
+  margin-bottom: 0.1em;
+}
+
+tfoot {
+  font-weight: bold;
+}
+td > div.verse {
+  white-space: pre;
+}
+
+div.hdlist {
+  margin-top: 0.8em;
+  margin-bottom: 0.8em;
+}
+div.hdlist tr {
+  padding-bottom: 15px;
+}
+dt.hdlist1.strong, td.hdlist1.strong {
+  font-weight: bold;
+}
+td.hdlist1 {
+  vertical-align: top;
+  font-style: normal;
+  padding-right: 0.8em;
+  color: navy;
+}
+td.hdlist2 {
+  vertical-align: top;
+}
+div.hdlist.compact tr {
+  margin: 0;
+  padding-bottom: 0;
+}
+
+.comment {
+  background: yellow;
+}
+
+.footnote, .footnoteref {
+  font-size: 0.8em;
+}
+
+span.footnote, span.footnoteref {
+  vertical-align: super;
+}
+
+#footnotes {
+  margin: 20px 0 20px 0;
+  padding: 7px 0 0 0;
+}
+
+#footnotes div.footnote {
+  margin: 0 0 5px 0;
+}
+
+#footnotes hr {
+  border: none;
+  border-top: 1px solid silver;
+  height: 1px;
+  text-align: left;
+  margin-left: 0;
+  width: 20%;
+  min-width: 100px;
+}
+
+div.colist td {
+  padding-right: 0.5em;
+  padding-bottom: 0.3em;
+  vertical-align: top;
+}
+div.colist td img {
+  margin-top: 0.3em;
+}
+
+@media print {
+  #footer-badges { display: none; }
+}
+
+#toc {
+  margin-bottom: 2.5em;
+}
+
+#toctitle {
+  color: #527bbd;
+  font-size: 1.1em;
+  font-weight: bold;
+  margin-top: 1.0em;
+  margin-bottom: 0.1em;
+}
+
+div.toclevel0, div.toclevel1, div.toclevel2, div.toclevel3, div.toclevel4 {
+  margin-top: 0;
+  margin-bottom: 0;
+}
+div.toclevel2 {
+  margin-left: 2em;
+  font-size: 0.9em;
+}
+div.toclevel3 {
+  margin-left: 4em;
+  font-size: 0.9em;
+}
+div.toclevel4 {
+  margin-left: 6em;
+  font-size: 0.9em;
+}
+
+span.aqua { color: aqua; }
+span.black { color: black; }
+span.blue { color: blue; }
+span.fuchsia { color: fuchsia; }
+span.gray { color: gray; }
+span.green { color: green; }
+span.lime { color: lime; }
+span.maroon { color: maroon; }
+span.navy { color: navy; }
+span.olive { color: olive; }
+span.purple { color: purple; }
+span.red { color: red; }
+span.silver { color: silver; }
+span.teal { color: teal; }
+span.white { color: white; }
+span.yellow { color: yellow; }
+
+span.aqua-background { background: aqua; }
+span.black-background { background: black; }
+span.blue-background { background: blue; }
+span.fuchsia-background { background: fuchsia; }
+span.gray-background { background: gray; }
+span.green-background { background: green; }
+span.lime-background { background: lime; }
+span.maroon-background { background: maroon; }
+span.navy-background { background: navy; }
+span.olive-background { background: olive; }
+span.purple-background { background: purple; }
+span.red-background { background: red; }
+span.silver-background { background: silver; }
+span.teal-background { background: teal; }
+span.white-background { background: white; }
+span.yellow-background { background: yellow; }
+
+span.big { font-size: 2em; }
+span.small { font-size: 0.6em; }
+
+span.underline { text-decoration: underline; }
+span.overline { text-decoration: overline; }
+span.line-through { text-decoration: line-through; }
+
+div.unbreakable { page-break-inside: avoid; }
+
+
+/*
+ * xhtml11 specific
+ *
+ * */
+
+div.tableblock {
+  margin-top: 1.0em;
+  margin-bottom: 1.5em;
+}
+div.tableblock > table {
+  border: 3px solid #527bbd;
+}
+thead, p.table.header {
+  font-weight: bold;
+  color: #527bbd;
+}
+p.table {
+  margin-top: 0;
+}
+/* Because the table frame attribute is overriden by CSS in most browsers. */
+div.tableblock > table[frame="void"] {
+  border-style: none;
+}
+div.tableblock > table[frame="hsides"] {
+  border-left-style: none;
+  border-right-style: none;
+}
+div.tableblock > table[frame="vsides"] {
+  border-top-style: none;
+  border-bottom-style: none;
+}
+
+
+/*
+ * html5 specific
+ *
+ * */
+
+table.tableblock {
+  margin-top: 1.0em;
+  margin-bottom: 1.5em;
+}
+thead, p.tableblock.header {
+  font-weight: bold;
+  color: #527bbd;
+}
+p.tableblock {
+  margin-top: 0;
+}
+table.tableblock {
+  border-width: 3px;
+  border-spacing: 0px;
+  border-style: solid;
+  border-color: #527bbd;
+  border-collapse: collapse;
+}
+th.tableblock, td.tableblock {
+  border-width: 1px;
+  padding: 4px;
+  border-style: solid;
+  border-color: #527bbd;
+}
+
+table.tableblock.frame-topbot {
+  border-left-style: hidden;
+  border-right-style: hidden;
+}
+table.tableblock.frame-sides {
+  border-top-style: hidden;
+  border-bottom-style: hidden;
+}
+table.tableblock.frame-none {
+  border-style: hidden;
+}
+
+th.tableblock.halign-left, td.tableblock.halign-left {
+  text-align: left;
+}
+th.tableblock.halign-center, td.tableblock.halign-center {
+  text-align: center;
+}
+th.tableblock.halign-right, td.tableblock.halign-right {
+  text-align: right;
+}
+
+th.tableblock.valign-top, td.tableblock.valign-top {
+  vertical-align: top;
+}
+th.tableblock.valign-middle, td.tableblock.valign-middle {
+  vertical-align: middle;
+}
+th.tableblock.valign-bottom, td.tableblock.valign-bottom {
+  vertical-align: bottom;
+}
+
+
+/*
+ * manpage specific
+ *
+ * */
+
+body.manpage h1 {
+  padding-top: 0.5em;
+  padding-bottom: 0.5em;
+  border-top: 2px solid silver;
+  border-bottom: 2px solid silver;
+}
+body.manpage h2 {
+  border-style: none;
+}
+body.manpage div.sectionbody {
+  margin-left: 3em;
+}
+
+@media print {
+  body.manpage div#toc { display: none; }
+}
+/*
+  pygmentize filter
+*/
+.highlight .hll { background-color: #ffffcc }
+.highlight  { background: #f4f4f4; }
+.highlight .c { color: #008800; font-style: italic } /* Comment */
+.highlight .err { border: 1px solid #FF0000 } /* Error */
+.highlight .k { color: #AA22FF; font-weight: bold } /* Keyword */
+.highlight .o { color: #666666 } /* Operator */
+.highlight .cm { color: #008800; font-style: italic } /* Comment.Multiline */
+.highlight .cp { color: #008800 } /* Comment.Preproc */
+.highlight .c1 { color: #008800; font-style: italic } /* Comment.Single */
+.highlight .cs { color: #008800; font-weight: bold } /* Comment.Special */
+.highlight .gd { color: #A00000 } /* Generic.Deleted */
+.highlight .ge { font-style: italic } /* Generic.Emph */
+.highlight .gr { color: #FF0000 } /* Generic.Error */
+.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
+.highlight .gi { color: #00A000 } /* Generic.Inserted */
+.highlight .go { color: #808080 } /* Generic.Output */
+.highlight .gp { color: #000080; font-weight: bold } /* Generic.Prompt */
+.highlight .gs { font-weight: bold } /* Generic.Strong */
+.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
+.highlight .gt { color: #0040D0 } /* Generic.Traceback */
+.highlight .kc { color: #AA22FF; font-weight: bold } /* Keyword.Constant */
+.highlight .kd { color: #AA22FF; font-weight: bold } /* Keyword.Declaration */
+.highlight .kn { color: #AA22FF; font-weight: bold } /* Keyword.Namespace */
+.highlight .kp { color: #AA22FF } /* Keyword.Pseudo */
+.highlight .kr { color: #AA22FF; font-weight: bold } /* Keyword.Reserved */
+.highlight .kt { color: #00BB00; font-weight: bold } /* Keyword.Type */
+.highlight .m { color: #666666 } /* Literal.Number */
+.highlight .s { color: #BB4444 } /* Literal.String */
+.highlight .na { color: #BB4444 } /* Name.Attribute */
+.highlight .nb { color: #AA22FF } /* Name.Builtin */
+.highlight .nc { color: #0000FF } /* Name.Class */
+.highlight .no { color: #880000 } /* Name.Constant */
+.highlight .nd { color: #AA22FF } /* Name.Decorator */
+.highlight .ni { color: #999999; font-weight: bold } /* Name.Entity */
+.highlight .ne { color: #D2413A; font-weight: bold } /* Name.Exception */
+.highlight .nf { color: #00A000 } /* Name.Function */
+.highlight .nl { color: #A0A000 } /* Name.Label */
+.highlight .nn { color: #0000FF; font-weight: bold } /* Name.Namespace */
+.highlight .nt { color: #008000; font-weight: bold } /* Name.Tag */
+.highlight .nv { color: #B8860B } /* Name.Variable */
+.highlight .ow { color: #AA22FF; font-weight: bold } /* Operator.Word */
+.highlight .w { color: #bbbbbb } /* Text.Whitespace */
+.highlight .mf { color: #666666 } /* Literal.Number.Float */
+.highlight .mh { color: #666666 } /* Literal.Number.Hex */
+.highlight .mi { color: #666666 } /* Literal.Number.Integer */
+.highlight .mo { color: #666666 } /* Literal.Number.Oct */
+.highlight .sb { color: #BB4444 } /* Literal.String.Backtick */
+.highlight .sc { color: #BB4444 } /* Literal.String.Char */
+.highlight .sd { color: #BB4444; font-style: italic } /* Literal.String.Doc */
+.highlight .s2 { color: #BB4444 } /* Literal.String.Double */
+.highlight .se { color: #BB6622; font-weight: bold } /* Literal.String.Escape */
+.highlight .sh { color: #BB4444 } /* Literal.String.Heredoc */
+.highlight .si { color: #BB6688; font-weight: bold } /* Literal.String.Interpol */
+.highlight .sx { color: #008000 } /* Literal.String.Other */
+.highlight .sr { color: #BB6688 } /* Literal.String.Regex */
+.highlight .s1 { color: #BB4444 } /* Literal.String.Single */
+.highlight .ss { color: #B8860B } /* Literal.String.Symbol */
+.highlight .bp { color: #AA22FF } /* Name.Builtin.Pseudo */
+.highlight .vc { color: #B8860B } /* Name.Variable.Class */
+.highlight .vg { color: #B8860B } /* Name.Variable.Global */
+.highlight .vi { color: #B8860B } /* Name.Variable.Instance */
+.highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
+
+
+
+</style>
+<script type="text/javascript">
+/*<![CDATA[*/
+var asciidoc = {  // Namespace.
+
+/////////////////////////////////////////////////////////////////////
+// Table Of Contents generator
+/////////////////////////////////////////////////////////////////////
+
+/* Author: Mihai Bazon, September 2002
+ * http://students.infoiasi.ro/~mishoo
+ *
+ * Table Of Content generator
+ * Version: 0.4
+ *
+ * Feel free to use this script under the terms of the GNU General Public
+ * License, as long as you do not remove or alter this notice.
+ */
+
+ /* modified by Troy D. Hanson, September 2006. License: GPL */
+ /* modified by Stuart Rackham, 2006, 2009. License: GPL */
+
+// toclevels = 1..4.
+toc: function (toclevels) {
+
+  function getText(el) {
+    var text = "";
+    for (var i = el.firstChild; i != null; i = i.nextSibling) {
+      if (i.nodeType == 3 /* Node.TEXT_NODE */) // IE doesn't speak constants.
+        text += i.data;
+      else if (i.firstChild != null)
+        text += getText(i);
+    }
+    return text;
+  }
+
+  function TocEntry(el, text, toclevel) {
+    this.element = el;
+    this.text = text;
+    this.toclevel = toclevel;
+  }
+
+  function tocEntries(el, toclevels) {
+    var result = new Array;
+    var re = new RegExp('[hH]([1-'+(toclevels+1)+'])');
+    // Function that scans the DOM tree for header elements (the DOM2
+    // nodeIterator API would be a better technique but not supported by all
+    // browsers).
+    var iterate = function (el) {
+      for (var i = el.firstChild; i != null; i = i.nextSibling) {
+        if (i.nodeType == 1 /* Node.ELEMENT_NODE */) {
+          var mo = re.exec(i.tagName);
+          if (mo && (i.getAttribute("class") || i.getAttribute("className")) != "float") {
+            result[result.length] = new TocEntry(i, getText(i), mo[1]-1);
+          }
+          iterate(i);
+        }
+      }
+    }
+    iterate(el);
+    return result;
+  }
+
+  var toc = document.getElementById("toc");
+  if (!toc) {
+    return;
+  }
+
+  // Delete existing TOC entries in case we're reloading the TOC.
+  var tocEntriesToRemove = [];
+  var i;
+  for (i = 0; i < toc.childNodes.length; i++) {
+    var entry = toc.childNodes[i];
+    if (entry.nodeName.toLowerCase() == 'div'
+     && entry.getAttribute("class")
+     && entry.getAttribute("class").match(/^toclevel/))
+      tocEntriesToRemove.push(entry);
+  }
+  for (i = 0; i < tocEntriesToRemove.length; i++) {
+    toc.removeChild(tocEntriesToRemove[i]);
+  }
+
+  // Rebuild TOC entries.
+  var entries = tocEntries(document.getElementById("content"), toclevels);
+  for (var i = 0; i < entries.length; ++i) {
+    var entry = entries[i];
+    if (entry.element.id == "")
+      entry.element.id = "_toc_" + i;
+    var a = document.createElement("a");
+    a.href = "#" + entry.element.id;
+    a.appendChild(document.createTextNode(entry.text));
+    var div = document.createElement("div");
+    div.appendChild(a);
+    div.className = "toclevel" + entry.toclevel;
+    toc.appendChild(div);
+  }
+  if (entries.length == 0)
+    toc.parentNode.removeChild(toc);
+},
+
+
+/////////////////////////////////////////////////////////////////////
+// Footnotes generator
+/////////////////////////////////////////////////////////////////////
+
+/* Based on footnote generation code from:
+ * http://www.brandspankingnew.net/archive/2005/07/format_footnote.html
+ */
+
+footnotes: function () {
+  // Delete existing footnote entries in case we're reloading the footnodes.
+  var i;
+  var noteholder = document.getElementById("footnotes");
+  if (!noteholder) {
+    return;
+  }
+  var entriesToRemove = [];
+  for (i = 0; i < noteholder.childNodes.length; i++) {
+    var entry = noteholder.childNodes[i];
+    if (entry.nodeName.toLowerCase() == 'div' && entry.getAttribute("class") == "footnote")
+      entriesToRemove.push(entry);
+  }
+  for (i = 0; i < entriesToRemove.length; i++) {
+    noteholder.removeChild(entriesToRemove[i]);
+  }
+
+  // Rebuild footnote entries.
+  var cont = document.getElementById("content");
+  var spans = cont.getElementsByTagName("span");
+  var refs = {};
+  var n = 0;
+  for (i=0; i<spans.length; i++) {
+    if (spans[i].className == "footnote") {
+      n++;
+      var note = spans[i].getAttribute("data-note");
+      if (!note) {
+        // Use [\s\S] in place of . so multi-line matches work.
+        // Because JavaScript has no s (dotall) regex flag.
+        note = spans[i].innerHTML.match(/\s*\[([\s\S]*)]\s*/)[1];
+        spans[i].innerHTML =
+          "[<a id='_footnoteref_" + n + "' href='#_footnote_" + n +
+          "' title='View footnote' class='footnote'>" + n + "</a>]";
+        spans[i].setAttribute("data-note", note);
+      }
+      noteholder.innerHTML +=
+        "<div class='footnote' id='_footnote_" + n + "'>" +
+        "<a href='#_footnoteref_" + n + "' title='Return to text'>" +
+        n + "</a>. " + note + "</div>";
+      var id =spans[i].getAttribute("id");
+      if (id != null) refs["#"+id] = n;
+    }
+  }
+  if (n == 0)
+    noteholder.parentNode.removeChild(noteholder);
+  else {
+    // Process footnoterefs.
+    for (i=0; i<spans.length; i++) {
+      if (spans[i].className == "footnoteref") {
+        var href = spans[i].getElementsByTagName("a")[0].getAttribute("href");
+        href = href.match(/#.*/)[0];  // Because IE return full URL.
+        n = refs[href];
+        spans[i].innerHTML =
+          "[<a href='#_footnote_" + n +
+          "' title='View footnote' class='footnote'>" + n + "</a>]";
+      }
+    }
+  }
+},
+
+install: function(toclevels) {
+  var timerId;
+
+  function reinstall() {
+    asciidoc.footnotes();
+    if (toclevels) {
+      asciidoc.toc(toclevels);
+    }
+  }
+
+  function reinstallAndRemoveTimer() {
+    clearInterval(timerId);
+    reinstall();
+  }
+
+  timerId = setInterval(reinstall, 500);
+  if (document.addEventListener)
+    document.addEventListener("DOMContentLoaded", reinstallAndRemoveTimer, false);
+  else
+    window.onload = reinstallAndRemoveTimer;
+}
+
+}
+asciidoc.install(2);
+/*]]>*/
+</script>
+</head>
+<body class="article">
+<div id="header">
+<h1>Secure Application Storage</h1>
+<div id="toc">
+  <noscript><p><b>JavaScript must be enabled in your browser to display the table of contents.</b></p></noscript>
+</div>
+</div>
+<div id="content">
+<div id="preamble">
+<div class="sectionbody">
+<div class="paragraph"><p>Objective: By the end of this module, you will be able<br>
+protect data saved on the file system and understand what to persist.</p></div>
+<div class="paragraph"><p></p></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_review_questions">1. Review Questions</h2>
+<div class="sectionbody">
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Name three of the primary APIs for persisting data in Android.
+</p>
+</li>
+<li>
+<p>
+Why is it a bad idea hard-code secret keys in your application code?
+</p>
+</li>
+<li>
+<p>
+What is the preferred method of generating a unique ID for your application user?
+</p>
+</li>
+<li>
+<p>
+what is the one type of persisted data that cannot be (directly) encrypted?
+</p>
+</li>
+<li>
+<p>
+What is the name of the package that provides encryption for SQLite?
+</p>
+</li>
+<li>
+<p>
+What is the primary advantage of the accounts framework?
+</p>
+</li>
+<li>
+<p>
+Is password-based encryption symmetric or asymmetric? What does that mean?
+</p>
+</li>
+<li>
+<p>
+What is the difference between the system KeyChain and the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+When is it safe to persist an encryption key in the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+How do we check if the device supports this?
+</p>
+</li>
+</ol></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_storage">2. Storage</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Improper storage of data is a simple problem to resolve, if handled from the start
+</p>
+</li>
+<li>
+<p>
+Mobile devices are different than traditional computing systems
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Physical device access is <strong>easy</strong> to achieve
+</p>
+</li>
+<li>
+<p>
+Once physical access is available, device can be rooted, flashed, etc.
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+You <em>must</em> assume that once data is <strong>stored</strong> on the device it is vulnerable!
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+For typical users, this is usually not a problem
+</p>
+</li>
+<li>
+<p>
+Malicious users are <strong>not</strong> typical users!
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Once a device has been rooted, re-ROM&#8217;d, etc. the malicious user can read/write anywhere they want
+</p>
+<div class="paragraph"><p><em>The question to ask: what does my app really need to store?</em></p></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+The general rule of thumb: store only what you <em>absolutely require</em>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+This can mean many things: tokens/keys to access APIs, user credentials, authentication tokens
+</p>
+</li>
+<li>
+<p>
+It boils down to propery managing sensitive data
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+If you must store sensitive data, have a plan to do so in a way with minimized risk
+</p>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_storage_apis">3. Storage APIs</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+File access
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">Context</span> provides a number of helper APIs
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">Context.openFileInput()</span> opens a private file for reading
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">Context.openFileOutput()</span> opens a private file for writing
+</p>
+</li>
+<li>
+<p>
+Private files are tied to the app package, located in its private sandbox
+</p>
+</li>
+<li>
+<p>
+There are additional APIs for cache files
+</p>
+</li>
+<li>
+<p>
+"External storage" is also available, with a package private area
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Standard Java <span class="monospaced">File</span> class and related APIs available
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">Context</span> provides APIs to help get package private paths (<span class="monospaced">getDir()</span>, <span class="monospaced">getCacheDir()</span>, <span class="monospaced">getExternalCacheDir()</span>, <span class="monospaced">getExternalFilesDir()</span>, <span class="monospaced">getFilesDir()</span>)
+</p>
+</li>
+<li>
+<p>
+Apps should not assume any specific filesystem paths or mount points
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Opaque Binary Blobs (OBB)
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+App specific file container
+</p>
+</li>
+<li>
+<p>
+Can be encrypted
+</p>
+</li>
+<li>
+<p>
+App manages the download / mount of the containers
+</p>
+</li>
+<li>
+<p>
+Useful for large data sets (graphics, assets)
+</p>
+</li>
+<li>
+<p>
+Use <span class="monospaced">StorageManager</span> to mount then access
+</p>
+</li>
+<li>
+<p>
+Cannot <strong>create</strong> new OBBs on the device, just access existing ones
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+<span class="monospaced">SharedPreferences</span>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+File backed storage of key-value pair data
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Keys are <span class="monospaced">String</span> objects, values can be primitives, <span class="monospaced">String</span> or <span class="monospaced">Set&lt;String&gt;</span>
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+App controls what data is stored and meaning
+</p>
+</li>
+<li>
+<p>
+Default for the app is tied to the package name
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Default name can be overridden
+</p>
+</li>
+<li>
+<p>
+Can use multiple <span class="monospaced">SharedPreferences</span> for the same app
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Data is not encrypted, simple string based lookup
+</p>
+</li>
+<li>
+<p>
+Can be used by multiple threads (clients), modifications go through <span class="monospaced">SharedPreferences.Editor</span>
+</p>
+</li>
+<li>
+<p>
+Does not support multi-process access
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+SQLite Databases
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+SQLite databases can be used for app specific storage
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Accessible to any component in your app, but (generally) not outside your app
+</p>
+</li>
+<li>
+<p>
+Backed by private file within the sandbox
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Recommended use is via <span class="monospaced">SQLiteOpenHelper</span> class to help manage creation, updates
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Use <span class="monospaced">SQLiteOpenHelper.getWriteableDatabase()</span> and <span class="monospaced">SQLiteOpenHelper.getReadableDatabase()</span> to get a <span class="monospaced">SQLiteDatabase</span> object to call <span class="monospaced">query()</span>, etc. against
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">query()</span> calls return <span class="monospaced">Cursor</span> objects which points to the rows found by the query
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_user_authentication">4. User Authentication</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+User authentication is used for access to user specific data in the app
+</p>
+</li>
+<li>
+<p>
+Best Practices for storage depends on app and credentials
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+BP#1: Certificate/key based credentials
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Leverage Android&#8217;s credential storage to securely track
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+See <a href="http://developer.android.com/reference/android/security/KeyChain.html"><span class="monospaced">KeyChain</span></a>
+and <a href="https://developer.android.com/training/articles/keystore.html"><span class="monospaced">AndroidKeyStore</span></a> provider
+with <a href="http://developer.android.com/reference/java/security/KeyStore.html"><span class="monospaced">KeyStore</span></a> (Android 4.3 and newer)
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+<em>DO NOT</em> assume filesystem sandbox is enough
+</p>
+</li>
+<li>
+<p>
+Still can be vulnerable to attacks if device compromised
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+BP#2: User account credentials
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Users have numerous accounts for different service (Google, PayPal, Facebook, etc.)
+</p>
+</li>
+<li>
+<p>
+Leverage <a href="https://developer.android.com/reference/android/accounts/AccountManager.html"><span class="monospaced">AccountManager</span></a>
+for storage of accounts and accessing accounts
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">AccountManager</span> uses plugabble architecture for authenticators
+</p>
+</li>
+<li>
+<p>
+Using an existing account, apps can request authentication token for use in requests
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+<em>DO NOT</em> assume filesystem sandbox is enough and store in cleartext
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+BP#3: Use WebView and Session Tokens
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Present the user with web page for login
+</p>
+</li>
+<li>
+<p>
+<em>DO NOT</em> store the user credentials at all
+</p>
+</li>
+<li>
+<p>
+The web interface presents a redirect with session token on success (e.g. <a href="http://en.wikipedia.org/wiki/OAuth">OAuth 2.0</a>)
+</p>
+</li>
+<li>
+<p>
+Keep the session token for subsequent requests
+</p>
+</li>
+<li>
+<p>
+Session key can be stored, but carefully do so
+</p>
+</li>
+<li>
+<p>
+This relies on the <em>server</em> to properly handle credentials, expire and rotate tokens correctly
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_session_identifiers">5. Session Identifiers</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Many network services (Google, Facebook, Instagram, etc.) use session or token based identifiers for access
+</p>
+</li>
+<li>
+<p>
+These can be stored on the device, carefully
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Be sure to store them in a way so an attacker cannot determine how it is used
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Servers should have reasonable expiration times for session IDs
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Some server implementations may issue new session IDs to replace old ones frequently
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Android&#8217;s <span class="monospaced">AccountManager</span> can be leveraged with 3rd party authenticators to help with auth tokens or sessions
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+It is up <em>to the app</em> to notify the <span class="monospaced">AccountManager</span> if a token is no longer valid
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_hardcoded_tokens_and_keys">6. Hardcoded Tokens and Keys</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Best practice is to <strong>not</strong> use hardcoded values in code
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Java (including Dalvik DEX) can be disassembled <a href="http://dedexer.sourceforge.net/"><em>very easily</em></a>
+</p>
+</li>
+<li>
+<p>
+Reverse engineering can discover hardcoded values relatively easily
+</p>
+</li>
+<li>
+<p>
+This is <em>particularly bad for encryption of data</em>
+</p>
+</li>
+<li>
+<p>
+Best Practice: hash a random salt plus and password to create a key (with numerous iterations), store the salt and hash
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Some cloud services require an app authentication token
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+You have no choice but to store or hard code
+</p>
+</li>
+<li>
+<p>
+Best practice: ensure the server only uses this to "authenticate" the app, not the user
+</p>
+</li>
+<li>
+<p>
+Best practice on the server: only allow a limited subset of functionality via the app (e.g. no account delete or other more volatile ops)
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_unique_identifiers">7. Unique Identifiers</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Use of unique IDs is common for apps to track users or installs
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Typically used for analytics, ads, etc.
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+A common practice uses <span class="monospaced">TelephonyManager.getDeviceId()</span>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+<em>DO NOT</em> do this!  There are better ways.
+</p>
+</li>
+<li>
+<p>
+It requires the permission <span class="monospaced">READ_PHONE_STATE</span> which can set up a red flag to users
+</p>
+</li>
+<li>
+<p>
+It is not reliable.  Some devices do not report unique IDs or change IDs after factory reset
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Best Practice: for non-physical device tracking use
+<a href="https://developer.android.com/reference/java/util/UUID.html#randomUUID()"><span class="monospaced">UUID.randomUUID()</span></a>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+If you must track physical devices, use
+<a href="https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID"><span class="monospaced">Settings.Secure.ANDROID_ID</span></a>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+This is a 64 bit value created and stored when the device first boots.  It is wiped at factory reset.
+</p>
+</li>
+<li>
+<p>
+The downside to this is it is unreliable before Android 2.3 (Gingerbread) due to <span class="monospaced">SecureRandom</span>
+used to create <span class="monospaced">ANDROID_ID</span> being <a href="https://code.google.com/p/android/issues/detail?id=10639">seeded incorrectly</a>.
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+See this <a href="http://android-developers.blogspot.com/2011/03/identifying-app-installations.html">Google Developer Blog</a> for more details
+</p>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_storing_sensitive_data">8. Storing sensitive data</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Sometimes, you just have to do it: save your app&#8217;s (or user&#8217;s) sensitive data
+</p>
+</li>
+<li>
+<p>
+As we have seen, there are multiple ways of storing data, so how do you protect it?
+</p>
+</li>
+<li>
+<p>
+It depends on the storage type
+</p>
+</li>
+</ul></div>
+<table class="tableblock frame-topbot grid-all"
+style="
+width:75%;
+">
+<col style="width:25%;">
+<col style="width:25%;">
+<col style="width:25%;">
+<col style="width:25%;">
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top" > Storage Type      </th>
+<th class="tableblock halign-left valign-top" > Private to App? </th>
+<th class="tableblock halign-left valign-top" > Can be made public? </th>
+<th class="tableblock halign-left valign-top" > Encryptable?</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Files</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">OBB</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">SharedPreferences</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">SQLite database</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>**</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>+</sup></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">ContentProvider</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Can be</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+</tbody>
+</table>
+<div class="paragraph"><p><sup>*</sup> The default setting is to be private, this can be overridden</p></div>
+<div class="paragraph"><p><sup>**</sup> Making the database public can be done via file permissions or by exposing via <span class="monospaced">ContentProvider</span></p></div>
+<div class="paragraph"><p><sup>+</sup> SQLite databases can be encrypted using 3rd party libraries</p></div>
+<div class="sect2">
+<h3 id="_file_usage">8.1. File Usage</h3>
+<div class="ulist"><ul>
+<li>
+<p>
+Regular file usage is simple, well understood and fairly robust
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">SharedPreferences</span> are backed by files, so the same concepts apply (except for encryption)
+</p>
+</li>
+<li>
+<p>
+<em>Inherently insecure at runtime or if device physically compromised</em>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Data is "raw" or in the clear
+</p>
+</li>
+<li>
+<p>
+App sandbox works for basic protection
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Easy to override
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+External storage can present issues, if removable
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+For simple data (not critical if exposed), basic <span class="monospaced">File</span> access is ok
+</p>
+</li>
+<li>
+<p>
+Best Practice for sensitive data: use encryption (file only, not <span class="monospaced">SharedPreferences</span>) with user provided password
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+No "encrypt file" direct API available, but <span class="monospaced">javax.crypto</span> package can be used
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Use a <a href="http://developer.android.com/reference/javax/crypto/Cipher.html"><span class="monospaced">Cipher</span></a> initilized for AES/CBC/PKCS5Padding,
+create an initialization vector (IV) using <a href="http://developer.android.com/reference/java/security/SecureRandom.html"><span class="monospaced">SecureRandom</span></a>,
+save the raw IV at the start of the file, then use
+<a href="http://developer.android.com/reference/javax/crypto/CipherOutputStream.html"><span class="monospaced">CipherOutputStream</span></a> to write
+the encrypted data to the file.  Use the password to <em>derive</em> a key (don&#8217;t store the password!) using PBKDF2.
+</p>
+</li>
+<li>
+<p>
+To ensure integrity of the crypted file, create a secure checksum with MAC or HMAC (i.e. SHA-1)
+</p>
+</li>
+<li>
+<p>
+Obviously, this is not simple, can be prone to error
+</p>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+<div class="sect2">
+<h3 id="_sqlite_databases">8.2. SQLite Databases</h3>
+<div class="ulist"><ul>
+<li>
+<p>
+SQLite databases are used frequently in Android
+</p>
+</li>
+<li>
+<p>
+Each database is backed by a file
+</p>
+</li>
+<li>
+<p>
+<em>Inherently insecure at runtime or if device physically compromised</em>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+App sandbox works for basic protection
+</p>
+</li>
+<li>
+<p>
+Easy to override
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+For simple data (i.e. no user details, password hashes, etc.) basic usage is ok
+</p>
+</li>
+<li>
+<p>
+Best Practice for permissions: don&#8217;t override sandbox settings
+</p>
+</li>
+<li>
+<p>
+Best Practice for location: don&#8217;t use external (removable) storage
+</p>
+</li>
+<li>
+<p>
+Best Practice for sensitive data: use encryption (SQLCipher)
+</p>
+</li>
+</ul></div>
+<div class="sect3">
+<h4 id="_sqlcipher">8.2.1. SQLCipher</h4>
+<div class="ulist"><ul>
+<li>
+<p>
+Crypto library for SQLite databases, made by <a href="http://sqlcipher.net">Zetetic LLC</a>
+</p>
+</li>
+<li>
+<p>
+Encrypts 100% of the database, with a small amount of performance overhead (claims 5-15% overhead)
+</p>
+</li>
+<li>
+<p>
+Utilizes industry standard crypto libraries from OpenSSL, utlizes 256-bit AES encryption
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Encryption keys can be derived from a passphrase or using raw binary key data
+</p>
+</li>
+<li>
+<p>
+Key derivation is done using a 16 byte secure random salt (OpenSSL&#8217;s RAND_bytes)
+</p>
+</li>
+<li>
+<p>
+Each "page" in the database is encrypted separately
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Multi-platform and language support: Android, Linux, Mac OSX, iOS, and Windows with C/C++, Java, .NET, Ruby, PHP, Python
+</p>
+</li>
+<li>
+<p>
+Has both an open source (Community Edition) and commercial licensed versions
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Community Edition is available via BSD-style license
+</p>
+</li>
+<li>
+<p>
+Android Community Edition binaries are available free of charge at <a href="https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip">https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip</a>
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Basic Android walk-thru instructions (assumes Eclipse/ADT, not Android Studio) available <a href="http://sqlcipher.net/sqlcipher-for-android/">here</a>
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+In code, the major change is the import and use of <span class="monospaced">net.sqlite.database.SQLiteDatabase</span> rather than <span class="monospaced">android.database.sqlite.SQLiteDatabase</span>
+</p>
+<div class="listingblock">
+<div class="title">Sample SQLCipher Integration:</div>
+<div class="content"><div class="highlight"><pre><span></span><span class="kn">package</span> <span class="nn">com.example.android.sqlsecure</span><span class="o">;</span>
+
+<span class="kn">import</span> <span class="nn">net.sqlcipher.database.SQLiteDatabase</span><span class="o">;</span>
+<span class="err">…</span>
+
+<span class="kd">public</span> <span class="kd">class</span> <span class="nc">SecureDbActivity</span> <span class="kd">extends</span> <span class="n">Activity</span> <span class="o">{</span>
+    <span class="err">…</span>
+    <span class="kd">private</span> <span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span>  <span class="n">SECURE_DB_NAME</span> <span class="o">=</span> <span class="s">&quot;demo_secure.db&quot;</span><span class="o">;</span>
+
+    <span class="kd">private</span> <span class="n">File</span>            <span class="n">mDbFile</span><span class="o">;</span>
+    <span class="kd">private</span> <span class="n">SQLiteDatabase</span>  <span class="n">mDb</span><span class="o">;</span>
+    <span class="err">…</span>
+
+    <span class="nd">@Override</span>
+    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">onCreate</span><span class="o">(</span><span class="n">Bundle</span> <span class="n">savedInstanceState</span><span class="o">)</span> <span class="o">{</span>
+        <span class="kd">super</span><span class="o">.</span><span class="na">onCreate</span><span class="o">(</span><span class="n">savedInstanceState</span><span class="o">);</span>
+        <span class="n">setContentView</span><span class="o">(</span><span class="n">R</span><span class="o">.</span><span class="na">layout</span><span class="o">.</span><span class="na">secure_db_layout</span><span class="o">);</span>
+        <span class="err">…</span>
+
+        <span class="c1">// Init SQLCipher *before* we make any SQLite calls</span>
+        <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">loadLibs</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+        <span class="n">mDbFile</span> <span class="o">=</span> <span class="n">getDatabasePath</span><span class="o">(</span><span class="n">SECURE_DB_NAME</span><span class="o">);</span>
+        <span class="n">mDb</span> <span class="o">=</span> <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">openOrCreateDatabase</span><span class="o">(</span><span class="n">mDbFile</span><span class="o">,</span> <span class="s">&quot;myFakePw&quot;</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
+        <span class="err">…</span>
+    <span class="o">}</span>
+
+    <span class="err">…</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_remembering_users_with_accounts">9. Remembering Users with Accounts</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Given the potential dangers around applications leaking persisted data on the file system, one option for storing user credentials is the <a href="https://developer.android.com/reference/android/accounts/AccountManager.html">Accounts Framework</a>.
+</p>
+</li>
+<li>
+<p>
+Accounts allow the system to manage access to credentials and authorization tokens for web services.
+</p>
+</li>
+<li>
+<p>
+This presents two useful options to application developers:
+</p>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Use an existing account on the system (like the user&#8217;s Google account) rather than inventing your own.
+</p>
+</li>
+<li>
+<p>
+Add your own account authentication logic (via a custom <span class="monospaced">AccountAuthenticator</span>) to the framework to get the credentials storage out of the application space.
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+The following is an example of how an application can use the <span class="monospaced">AccountManager</span> service to authenticate a user using their Google account:
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">The following method will work for accounts from any active service (e.g. Twitter, Facebook, Microsoft Exchange) that use the accounts framework. For Google accounts specifically, <a href="http://developer.android.com/google/auth/http-auth.html">Google Play Services</a> now provides a much simpler API.</td>
+</tr></table>
+</div>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Accessing the accounts framework requires two permissions:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.GET_ACCOUNTS&quot;</span> <span class="nt">/&gt;</span>
+<span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.USE_CREDENTIALS&quot;</span> <span class="nt">/&gt;</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+You can ask the user to choose a Google account for authentication:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
+
+<span class="kd">private</span> <span class="kt">void</span> <span class="nf">pickUserAccount</span><span class="o">()</span> <span class="o">{</span>
+    <span class="n">String</span><span class="o">[]</span> <span class="n">accountTypes</span> <span class="o">=</span> <span class="k">new</span> <span class="n">String</span><span class="o">[]{</span><span class="s">&quot;com.google&quot;</span><span class="o">};</span>
+    <span class="n">Intent</span> <span class="n">intent</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">newChooseAccountIntent</span><span class="o">(</span>
+            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// Currently selected account</span>
+            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// List of allowed accounts</span>
+            <span class="n">accountTypes</span><span class="o">,</span>  <span class="c1">// Allowed account types</span>
+            <span class="kc">true</span><span class="o">,</span>          <span class="c1">// Show the picker UI</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">);</span>
+    <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">intent</span><span class="o">,</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">);</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Determine the name of the account they chose, then find the <span class="monospaced">Account</span> object that matches the selected name from the <span class="monospaced">AccountManager</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="nd">@Override</span>
+<span class="kd">protected</span> <span class="kt">void</span> <span class="nf">onActivityResult</span><span class="o">(</span><span class="kt">int</span> <span class="n">requestCode</span><span class="o">,</span> <span class="kt">int</span> <span class="n">resultCode</span><span class="o">,</span>
+        <span class="n">Intent</span> <span class="n">data</span><span class="o">)</span> <span class="o">{</span>
+    <span class="k">if</span> <span class="o">(</span><span class="n">requestCode</span> <span class="o">==</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">)</span> <span class="o">{</span>
+        <span class="c1">// Receiving a result from the AccountPicker</span>
+        <span class="k">if</span> <span class="o">(</span><span class="n">resultCode</span> <span class="o">==</span> <span class="n">RESULT_OK</span><span class="o">)</span> <span class="o">{</span>
+            <span class="n">String</span> <span class="n">accountName</span> <span class="o">=</span>
+                    <span class="n">data</span><span class="o">.</span><span class="na">getStringExtra</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_ACCOUNT_NAME</span><span class="o">);</span>
+
+            <span class="c1">//Find the matching account for the selected name</span>
+            <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+            <span class="n">Account</span><span class="o">[]</span> <span class="n">accounts</span> <span class="o">=</span>
+                    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAccountsByType</span><span class="o">(</span><span class="s">&quot;com.google&quot;</span><span class="o">);</span>
+            <span class="k">for</span> <span class="o">(</span><span class="n">Account</span> <span class="n">account</span> <span class="o">:</span> <span class="n">accounts</span><span class="o">)</span> <span class="o">{</span>
+                <span class="k">if</span> <span class="o">(</span><span class="n">account</span><span class="o">.</span><span class="na">name</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">accountName</span><span class="o">))</span> <span class="o">{</span>
+                    <span class="c1">//Found a match, get an authentication token</span>
+                    <span class="n">getToken</span><span class="o">(</span><span class="n">account</span><span class="o">);</span>
+                    <span class="k">break</span><span class="o">;</span>
+                <span class="o">}</span>
+            <span class="o">}</span>
+        <span class="o">}</span>
+    <span class="o">}</span>
+    <span class="err">…</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Using <span class="monospaced">AccountManager.getAuthToken()</span>, we can ask the accounts framework to asynchronously authorize the user:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span> <span class="n">SCOPE</span> <span class="o">=</span>
+        <span class="s">&quot;oauth2:https://www.googleapis.com/auth/userinfo.profile&quot;</span><span class="o">;</span>
+<span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_AUTHORIZE</span> <span class="o">=</span> <span class="mi">1001</span><span class="o">;</span>
+
+<span class="kd">public</span> <span class="kt">void</span> <span class="nf">getToken</span><span class="o">(</span><span class="n">Account</span> <span class="n">selectedAccount</span><span class="o">)</span> <span class="o">{</span>
+    <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAuthToken</span><span class="o">(</span>
+            <span class="n">selectedAccount</span><span class="o">,</span>  <span class="c1">// Selected account</span>
+            <span class="n">SCOPE</span><span class="o">,</span>            <span class="c1">// Auth scope</span>
+            <span class="kc">null</span><span class="o">,</span>             <span class="c1">// Auth options</span>
+            <span class="k">this</span><span class="o">,</span>             <span class="c1">// Host activity for auth UI</span>
+            <span class="n">mCallback</span><span class="o">,</span>        <span class="c1">// Auth token callback</span>
+            <span class="kc">null</span><span class="o">);</span>
+<span class="o">}</span>
+
+<span class="c1">//Callback to handle auth token request results</span>
+<span class="kd">private</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">mCallback</span> <span class="o">=</span>
+        <span class="k">new</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;()</span> <span class="o">{</span>
+
+    <span class="nd">@Override</span>
+    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">run</span><span class="o">(</span><span class="n">AccountManagerFuture</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">result</span><span class="o">)</span> <span class="o">{</span>
+        <span class="n">Bundle</span> <span class="n">bundle</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="na">getResult</span><span class="o">();</span>
+
+        <span class="n">Intent</span> <span class="n">authIntent</span> <span class="o">=</span> <span class="o">(</span><span class="n">Intent</span><span class="o">)</span> <span class="n">bundle</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_INTENT</span><span class="o">);</span>
+        <span class="k">if</span> <span class="o">(</span><span class="n">authIntent</span> <span class="o">!=</span> <span class="kc">null</span><span class="o">)</span> <span class="o">{</span>
+            <span class="c1">//Additional user authentication required first</span>
+            <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">launch</span><span class="o">,</span> <span class="n">REQUEST_CODE_AUTHORIZE</span><span class="o">);</span>
+        <span class="o">}</span> <span class="k">else</span> <span class="o">{</span>
+            <span class="c1">//We are authenticated with the service</span>
+            <span class="n">String</span> <span class="n">token</span> <span class="o">=</span> <span class="n">bundle</span><span class="o">.</span><span class="na">getString</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_AUTHTOKEN</span><span class="o">);</span>
+
+            <span class="c1">//…Use this token to access web services…</span>
+        <span class="o">}</span>
+    <span class="o">}</span>
+<span class="o">};</span>
+</pre></div></div></div>
+<div class="ulist"><ul>
+<li>
+<p>
+If the registered <span class="monospaced">AccountAuthenticator</span> needs the user to enter additional information, this will return an activity <span class="monospaced">Intent</span> you need to launch.
+</p>
+</li>
+<li>
+<p>
+Otherwise, the token will be returned in the callback <span class="monospaced">Bundle</span>.
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+You can now use this token to access this service&#8217;s APIs, or your own.
+</p>
+</li>
+</ol></div>
+</li>
+</ul></div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_encryption">10. Encryption</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+Enhanced privacy and integrity of data (beyond the application sandbox) can be achieved using encryption
+</p>
+</li>
+<li>
+<p>
+On-device data encryption is usually done via Java Cryptography Extension (JCE)
+</p>
+</li>
+<li>
+<p>
+The <em>key</em> to secure on-device encryption is not storing the decryption keys on the file system
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+If the file system is compromised (e.g. rooted) the keys are just as easy to obtain as the data
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+The chosen method of encryption should rely on information that cannot be obtained by dumping <span class="monospaced">/data</span>
+</p>
+</li>
+<li>
+<p>
+The workhorse of encryption/decryption is the <a href="https://developer.android.com/reference/javax/crypto/Cipher.html"><span class="monospaced">Cipher</span></a>:
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+To encrypt to a byte array:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+To decrypt the same byte array:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// read encrypted buffer from somewhere</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+To avoid keeping large blocks of data in memory, there&#8217;s <span class="monospaced">CipherInputStream</span> and <span class="monospaced">CipherOutputStream</span>:
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+To encrypt to a file/stream:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
+<span class="n">OutputStream</span> <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">FileOutputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
+<span class="k">try</span> <span class="o">{</span>
+    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+    <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherOutputStream</span><span class="o">(</span><span class="n">out</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">write</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">flush</span><span class="o">();</span>
+<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+To decrypt the same file/stream:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">InputStream</span> <span class="n">in</span> <span class="o">=</span>  <span class="k">new</span> <span class="n">FileInputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
+<span class="k">try</span> <span class="o">{</span>
+    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+    <span class="n">in</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherInputStream</span><span class="o">(</span><span class="n">in</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
+    <span class="n">in</span><span class="o">.</span><span class="na">read</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span> <span class="c1">// do properly</span>
+<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
+    <span class="n">in</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+<div class="sect2">
+<h3 id="_password_based_encryption">10.1. Password Based Encryption</h3>
+<div class="ulist"><ul>
+<li>
+<p>
+One secure method for encrypting data is to rely on a user-entered password to derive the encryption key.
+</p>
+</li>
+<li>
+<p>
+This type of encryption pairs well with the <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard">Advanced Encryption Standard</a> (AES) cipher algorithm.
+</p>
+</li>
+<li>
+<p>
+AES is a <em>symmetric-key algorithm</em>, meaning it uses the same key to encrypt/decrypt data.
+</p>
+</li>
+<li>
+<p>
+Advantage: Key is not stored anywhere an attacker can search without "shoulder surfing"
+</p>
+</li>
+<li>
+<p>
+Disadvantage: Requires asking user for passcode repeatedly, or caching in memory (reducing the security factor).
+</p>
+</li>
+<li>
+<p>
+We can use the following steps to derive a password-based key:
+</p>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Android only supports the "PBKDF2WithHmacSHA1" key derivation algorithm, which requires a random <em>salt</em> to apply to the password (to reduce brute-force capabilities).
+</p>
+</li>
+<li>
+<p>
+The Cipher Block Chaining (CBC) mode is well-supported for AES on Android, which also requires a random <em>initialization vector</em> for encryption.
+</p>
+</li>
+<li>
+<p>
+We can generate all the necessary bits with the help of <a href="https://developer.android.com/reference/java/security/SecureRandom.html"><span class="monospaced">SecureRandom</span></a>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
+
+<span class="c1">// Do *not* seed secureRandom! Automatically seeded from system entropy.</span>
+<span class="n">SecureRandom</span> <span class="n">random</span> <span class="o">=</span> <span class="k">new</span> <span class="n">SecureRandom</span><span class="o">();</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="mi">32</span><span class="o">];</span>
+<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">cipher</span><span class="o">.</span><span class="na">getBlockSize</span><span class="o">()];</span>
+<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">iv</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+The <em>salt</em> will be necessary to derive the <span class="monospaced">SecretKey</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">private</span> <span class="n">SecretKey</span> <span class="nf">generateSecretKey</span><span class="o">(</span><span class="kt">char</span><span class="o">[]</span> <span class="n">passphraseOrPin</span><span class="o">,</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span><span class="o">)</span>
+        <span class="kd">throws</span> <span class="n">NoSuchAlgorithmException</span><span class="o">,</span> <span class="n">InvalidKeySpecException</span> <span class="o">{</span>
+    <span class="c1">// Number of PBKDF2 hardening rounds to use. Larger values increase</span>
+    <span class="c1">// computation time. You should select a value that causes computation</span>
+    <span class="c1">// to take &gt;100ms.</span>
+    <span class="kd">final</span> <span class="kt">int</span> <span class="n">iterations</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
+
+    <span class="n">SecretKeyFactory</span> <span class="n">secretKeyFactory</span> <span class="o">=</span>
+            <span class="n">SecretKeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;PBKDF2WithHmacSHA1&quot;</span><span class="o">);</span>
+    <span class="n">KeySpec</span> <span class="n">keySpec</span> <span class="o">=</span>
+            <span class="k">new</span> <span class="n">PBEKeySpec</span><span class="o">(</span><span class="n">passphraseOrPin</span><span class="o">,</span> <span class="n">salt</span><span class="o">,</span> <span class="n">iterations</span><span class="o">,</span> <span class="n">KEY_LENGTH</span><span class="o">);</span>
+    <span class="kt">byte</span><span class="o">[]</span> <span class="n">keyBytes</span> <span class="o">=</span> <span class="n">secretKeyFactory</span><span class="o">.</span><span class="na">generateSecret</span><span class="o">(</span><span class="n">keySpec</span><span class="o">).</span><span class="na">getEncoded</span><span class="o">();</span>
+
+    <span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
+<span class="o">}</span>
+</pre></div></div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">See <a href="http://android-developers.blogspot.com/2013/02/using-cryptography-to-store-credentials.html">Using Cryptography to Store Credentials Safely</a></td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+This key is used to initialize the <span class="monospaced">Cipher</span> and encrypt some plain text into ciphertext:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">String</span> <span class="n">passphrase</span> <span class="o">=</span> <span class="c1">// user entered password</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">SecretKey</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+
+<span class="c1">//Pack the result in a cipher text blob</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+We can use the same process to decrypt the ciphertext data:
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">The same salt and initialization vector are required for decrypting the data, so they must be saved somewhere. These values are NOT secret, so it is safe to persist them.</td>
+</tr></table>
+</div>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
+
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
+
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+For more details, see <a href="http://nelenkov.blogspot.com/2012/04/using-password-based-encryption-on.html">Using Password-based Encryption on Android</a>
+</p>
+</li>
+</ul></div>
+</div>
+<div class="sect2">
+<h3 id="_keystore_and_keychain_api">10.2. Keystore and Keychain API</h3>
+<div class="ulist"><ul>
+<li>
+<p>
+Since Donut/1.6, Android has had a system-wide <span class="monospaced">keystore</span> for storage of VPN and (later) WiFi authentication keys
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+See <a href="http://www.google.com/support/mobile/bin/answer.py?hl=en&amp;answer=168466">Working with secure certificates</a>
+</p>
+</li>
+<li>
+<p>
+Pre ICS/4.0, applications were not able to access it, so those needing to authenticate via client certificates ended up maintained their own key store (hard to manage across apps)
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+In ICS/4.0, Android adds support for <a href="http://developer.android.com/reference/android/security/KeyChain.html"><span class="monospaced">android.security.KeyChain</span></a>, which provides apps with
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Access to private keys in the system key store and their corresponding certificate chains (subject to one-time user approval)
+</p>
+</li>
+<li>
+<p>
+Ability to initiate installation of credentials from X.509 certificates and PKCS#12 key stores (e.g. for installation of organization CA certs)
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Also, in ICS/4.0, Android uses the screen lock password to protect the system credential storage, which works well with device administration APIs and prevents the user from disabling the password as long as they use the secured credentials
+</p>
+</li>
+<li>
+<p>
+See <a href="http://android-developers.blogspot.com/2012/03/unifying-key-store-access-in-ics.html">Unifying Key Store Access in ICS</a>
+</p>
+</li>
+</ul></div>
+</div>
+<div class="sect2">
+<h3 id="_encryption_using_hardware_backed_private_keys">10.3. Encryption Using Hardware-Backed Private Keys</h3>
+<div class="ulist"><ul>
+<li>
+<p>
+On Android 4.3+, the hardware-backed <em>AndroidKeyStore</em> stores device-specific private keys.
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+See <a href="https://developer.android.com/training/articles/keystore.html">Using Android Keystore Provider</a>
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+We can use these keys with the <a href="http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29">RSA</a> cipher algorithm
+</p>
+</li>
+<li>
+<p>
+RSA is an <em>asymmetric-key algorithm</em>, meaning it uses a separate "public" key to encrypt data and a "private" key to decrypt it.
+</p>
+</li>
+<li>
+<p>
+RSA private keys are stored inside a secure hardware element.
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Typically a Trusted Execution Environment (TEE) on the SoC.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">KeyChain.isBoundKeyAlgorithm()</span> will tell if other algorithms are also hardware-bound (and, therefore, non-exportable)
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Advantage: This approach doesn&#8217;t require user input (password)
+</p>
+</li>
+<li>
+<p>
+Disadvantage: Key generation is slow. Technically key is retrievable (though it would require dismantling the SoC)
+</p>
+</li>
+</ul></div>
+<div class="paragraph"><p>Here is an example of using a non-exportable key to encrypt a chunk of data:</p></div>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+To encrypt data with a hardware-bound key, we first need to generate one for the application:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="c1">//Create key pair with self-signed certificate information</span>
+<span class="n">Calendar</span> <span class="n">cal</span> <span class="o">=</span> <span class="n">Calendar</span><span class="o">.</span><span class="na">getInstance</span><span class="o">();</span>
+<span class="n">Date</span> <span class="n">now</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
+<span class="n">cal</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="n">Calendar</span><span class="o">.</span><span class="na">YEAR</span><span class="o">,</span> <span class="mi">1</span><span class="o">);</span>
+<span class="n">Date</span> <span class="n">end</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
+
+<span class="n">KeyPairGenerator</span> <span class="n">kpg</span> <span class="o">=</span> <span class="n">KeyPairGenerator</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA&quot;</span><span class="o">,</span> <span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
+<span class="n">kpg</span><span class="o">.</span><span class="na">initialize</span><span class="o">(</span><span class="k">new</span> <span class="n">KeyPairGeneratorSpec</span><span class="o">.</span><span class="na">Builder</span><span class="o">(</span><span class="n">context</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setAlias</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setStartDate</span><span class="o">(</span><span class="n">now</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setEndDate</span><span class="o">(</span><span class="n">end</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setSerialNumber</span><span class="o">(</span><span class="n">BigInteger</span><span class="o">.</span><span class="na">valueOf</span><span class="o">(</span><span class="mi">1</span><span class="o">))</span>
+        <span class="o">.</span><span class="na">setSubject</span><span class="o">(</span><span class="k">new</span> <span class="n">X500Principal</span><span class="o">(</span><span class="s">&quot;CN=&quot;</span> <span class="o">+</span> <span class="n">KEY_ALIAS</span><span class="o">))</span>
+        <span class="o">.</span><span class="na">build</span><span class="o">());</span>
+
+<span class="c1">//Calling this also binds the private key to hardware</span>
+<span class="c1">// You could obtain it here with getPrivate(), if needed</span>
+<span class="n">KeyPair</span> <span class="n">kp</span> <span class="o">=</span> <span class="n">kpg</span><span class="o">.</span><span class="na">generateKeyPair</span><span class="o">();</span>
+
+<span class="c1">//Use public key to encrypt data</span>
+<span class="n">PublicKey</span> <span class="n">publicKey</span> <span class="o">=</span> <span class="n">kp</span><span class="o">.</span><span class="na">getPublic</span><span class="o">();</span>
+</pre></div></div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">You only need to do this once, and persist the public key somewhere for re-use. Generating a hardware-bound key is expensive (many seconds).</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Now we can pass the public key to a <span class="monospaced">Cipher</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">publicKey</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+To decrypt, we retrieve the private key from the keystore:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">KeyStore</span> <span class="n">ks</span> <span class="o">=</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
+<span class="n">ks</span><span class="o">.</span><span class="na">load</span><span class="o">(</span><span class="kc">null</span><span class="o">);</span>
+<span class="n">KeyStore</span><span class="o">.</span><span class="na">Entry</span> <span class="n">entry</span> <span class="o">=</span> <span class="n">ks</span><span class="o">.</span><span class="na">getEntry</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
+<span class="k">if</span> <span class="o">(!(</span><span class="n">entry</span> <span class="k">instanceof</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">))</span> <span class="o">{</span>
+    <span class="k">throw</span> <span class="k">new</span> <span class="n">KeyException</span><span class="o">(</span><span class="s">&quot;Not an instance of a PrivateKeyEntry&quot;</span><span class="o">);</span>
+<span class="o">}</span>
+
+<span class="n">PrivateKey</span> <span class="n">privateKey</span> <span class="o">=</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+The private key can then be passed to the decrypt <span class="monospaced">Cipher</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">privateKey</span><span class="o">);</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol></div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_lab_encrypting_file_data">11. Lab: Encrypting File Data</h2>
+<div class="sectionbody">
+<div class="ulist"><ul>
+<li>
+<p>
+To begin, download and import the initial <em>SecureNote</em> application (if you are using our student VMs, you can skip this step and simply open the <span class="monospaced">SecureNote</span> project):
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+Option #1: Clone separately and import:
+</p>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Download the code <a href="https://github.com/thenewcircle/SecureNote">from GitHub</a>:
+</p>
+<div class="ulist"><ul>
+<li>
+<p>
+As a ZIP archive: <a href="https://github.com/thenewcircle/SecureNote/archive/master.zip">https://github.com/thenewcircle/SecureNote/archive/master.zip</a>
+</p>
+</li>
+<li>
+<p>
+On the command line: <span class="monospaced">git clone https://github.com/thenewcircle/SecureNote.git</span>
+</p>
+</li>
+</ul></div>
+</li>
+<li>
+<p>
+Open Android Studio
+</p>
+</li>
+<li>
+<p>
+Select <em>Import project</em>
+</p>
+</li>
+<li>
+<p>
+Choose the root directory of the cloned project
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Option #2: Import directly from GitHub:
+</p>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Open Android Studio
+</p>
+</li>
+<li>
+<p>
+Select <em>Check out project from Version Control</em> &#8594; <em>Git</em>
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Enter "https://github.com/thenewcircle/SecureNote.git" as the URL
+</p>
+</li>
+<li>
+<p>
+Choose a destination directory on your machine (e.g. <span class="monospaced">~/StudioProjects</span>)
+</p>
+</li>
+<li>
+<p>
+Click <em>Clone</em>
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+After the clone is complete, select <em>Yes</em> to open the project
+</p>
+</li>
+<li>
+<p>
+Click <em>OK</em> to run the Import Wizard with the default options
+</p>
+</li>
+</ol></div>
+</li>
+</ul></div>
+</li>
+</ul></div>
+<div class="paragraph"><p>After importing, you will need to click File&#8594;Sync Project with Gradle Files</p></div>
+<div class="paragraph"><p>Once the project is imported and open, build and deploy it to a device/emulator. You should see a user interface that looks like this:</p></div>
+<div class="imageblock">
+<div class="content">
+<img alt="images/Lab-SecureNote.png"
+src="data:image/png;base64,
+iVBORw0KGgoAAAANSUhEUgAAAWgAAAKACAYAAACxGuKnAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAL
+EwAACxMBAJqcGAAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6
+eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg
+eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K
+ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlm
+Zj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRh
+dGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9y
+ZGY6UkRGPgo8L3g6eG1wbWV0YT4KTMInWQAAQABJREFUeAHsnQW8HsXVhyfuISQhQUKcBHfX4O5Q
+3KVIaZHiBVIoUOhHkVKkRUpxdynu7hogkARNQtw93z7n5lz2bt732t6FTfY/+b2yuzNnZp6d/c/Z
+s/PeNGrSpMncoCQCIiACIpA7Ak1z1yI1SAREIBcE5s6dG3jFU6NGjWzTP+PH0n6nrrrYnTNnTpUq
+KVuX8lUK53SjkTzonJ4ZNUsEfgUCiB5CGelCaN26tb2aNWtm+9g/derUMGXKlDB9+nRrHfnSJuqk
+jkUXXTSMGjXK6qpOaGlH06ZNQ5cuXULjxo0tP5/Tpk0LI0eOtH1p25SX8hLovJwJtUMEfkUCiCQi
+17Fjx7DIIouEmTNnhuHDh1cKcbxpSyyxRGjTpo0d++mnn+yzvt4r9bZs2dJeY8eOtWoQ69mzZ5f0
+hhFnjvsEEW8X35lUEOrqBD5ZJs/bEug8nx21TQQyJoDg8VpyySXNKx02bFiVGtddd92w+OKL2z6E
+74knnqhyvH379qFTp04BoZ40aZJ53lUyVLNBvc2bN7eJAa/8t7/9bXjyySfDkCFDbD8iHU9s4zXj
+PeNtDxgwoDIfoo33/OijjwbahCc+efLkWnnTtKOUoDN5kGo7+Xh+JrpSqabjpcpIoEtR0T4RKAAB
+BAOxQ4C//fZb6/EWW2wRdt9997DyyiuHrl27mhDilSJiCCReLq+vvvoqPPfcc+Ef//iHlWvVqpV5
+r6NHj661SGNvueWWC5999lm4+eabw1prrRWWXXZZE0S86hkzZlSeBfK2a9cuTJw40fb16dMnvPvu
+u7YPb5r8bK+xxhqVZTx/qTAM/eHVokULY8AE4SINFwS/Q4cO1hfCOhMmTKg8XlnBvC/khxH1kchL
+GRfqmo7PM1PyQwJdEot2isDCTQDRQJwQN4Rqr732CkcddVRYddVVTZhq03vCIHi7Dz30UDj55JOt
+CCGSMWPG1CjSCC5iPGjQoHD66aeHCy64IAwePDgss8wy5iWPHz8+zJo1q7IZHp8+99xzwzrrrGOi
+uvHGG9sn7Udc8eLfeOMNq/s///lPuOuuu0Lnzp0Dk4aLpRvEHp42gk85JioSdVKGbUI8npZeeunw
+448/Bri5kHOMfjDB0V5EmYRQI9gjRoyw7eqOl5o8rNC8N63iiNPQdxEoCAFCC7wIW9x0001hzz33
+DHjBJPcua0KBl9mvX7/wxz/+MWy++ebhxBNPDM8//7wJfDmPE3FDBCmHOBPWOOOMM6wq2kJCBJOp
+bdu2FrZYb731Al4+iXa6YPK52GKLhR122MGOvfnmm/bp5WwjekNQCckQAuFFwov/4osv7Bji7Pu3
+3nprs0lYhzsMBB1PGxv0gzoJubiQw5B99957rwk/kxX5yh2nvUwO1Yl06WCJNVtvIiACCyMBhI2H
+fIho3759A0KEOCOcCAwJj7O6F8KDHcSKtNpqq1lMmO9+q8/3eHJxpk4EcddddzXPGREluZfLJ7bj
+ydvlYQ+vN1mGcvQD754Ut0MZ96gRz7///e/h008/DRdffLH1g7AJ4kyoBYHnzuDGG28Mn3/+ebj6
+6quNF543D0nxqJdaaimLe++zzz7hyy+/DLfddlu44447LGSzyy672J0E3nu544gz3rX3Jd5f/y6B
+dhL6FIGCEEAox40bZwJDWOHxxx+3nnNbzzEXX3YicPGX7+OTfJ7whgcOHGibCH8ykRfh7Nmzp4Uy
+VlxxxXDllVfaqhEXUy8Tt5vc58f804/7J/v95fv4ROC7d+9uAozY4hH/4Q9/MO8Z0SW5TcIjiPQj
+jzwSLr30UjtG+AdvH1H94YcfAg9Tv//+ezt23nnn2USHmN96660WurnwwgvtGG+ljhPSITHheIzf
+diTeFOJIANGmCBSFALFiPMlDDjnEPGpu0UkIsosV2/497o2yD8+P23OE6sgjjySreZfEauO37eRF
+nPE4hw4davmID7NyBOF0L9jte32WsQHf3FPFY3/nnXfCK6+8YrFzr5fJiruJ3r17mwfNw1ISoSDE
+fP311w/XXnttOOWUU0LPaKI55phjwn777RfwvJ955plKBsTRyUuMHL7lju+2227hvvvuMy6Ifql+
+y4NuwAEgUyKwoBBADPyhFuGN3/zmNyZa7EewXLToj2/7MT4RVkQYG3iIL730knmRiLM/cHMWiDPx
+Vvc433vvPfNc4+LsebP6ZBKgflZmHHDAASaeLMljP/0hsWqFUMXhhx8ejj/+eHtg6vv5/O677/gI
+hx12WDj66KMtFt6jRw/bh8B68nzEtom1k0od92Pxycxt+Kc8aCehTxEoGAGEAS8aTxahXXPNNS3e
+inC4d+zi5WhcnBE2QhPEcfEqfUUG4hwXd+zwwxf3kvE0WSmCOCdtex1ZfdJfD+0g1oQ84omJ6uuv
+v7YXYQceCLJihHgyIZEzzzzTsl9//fW22uTpp58OW265ZdyEfadvJJb+sVImmZwPx0nVcZAHnaSn
+bREoEAEEFe+Oh14k1j/jASJmHhJwD5rjca/38ssvD3/6058qV2RQxsWHvHxHhFg1wZKz+++/P2y2
+2Wa2H1GqTpgon3XyB45ejwvrCiusYOLMflZk0C9facIDTh4qHnHEEVbMJx630dCfEuiGJip7IrAA
+EUBEEWk8RMSHddEDo4d9rA9GmNzTRUzJ66Lqa5979eplD8zKCRXCj1d63XXXmSfqaNyeb/9Sn9Tr
+Qux98brZzwqNTz75xHYR7iBu/uc//znccsstNnkRp+YOgxgzyZcG2sa8N2fBseQkQBav13+uHp/U
+4nb4rhBHkoi2RaBgBFykEZ/+/fsHbuFZ33vOOefYLbqLNPkQH+LNO++8s3nG/KoQoUHM4wnvG1ss
+UbvkkkvsQSTHsYWN6kQpbifr7/F24O3DgPT2228HJh/WdvtKjg8//NAe+rFEkBfJ8yPsnggZkchD
+eIdU6jgTAMknDNtIvEmgE0C0KQJFJIBQIbIIKsLKMjGWn/ELQQSVB3142h999JE9YIMR+ZM/7cY7
+JK//hPuEE04Ixx57rNlwcaase5Hx774vLpocL5c8v3+Wy1duP+Xom08ufCfxYxt+Mo4g94xWa/BD
+HvIQtz711FNtrfPyyy9vKzs4xkTGj2eYiGC04YYb2sNGfgpP4teWyeOI9z333GMPLZnkyvVBAm0I
+9SYCIgABRIq/s8FSM5aT8SCNn4EjPKz95cclJEIXhEXYHxdUxBlR4+9r7LvvvuHss882L5wHioic
+x7XNSPSGMLGPet2Of3oePn1f/DPpeXLM7Xi+uA3/7sdoE39QiYeBJEST+DMhDEIThHxYr02fWGrH
+Wm8Emv1MQO4Vs4oFkf79739vdhDks846y77zBoO//OUvVY6Tn8SDSR5c+iRhO2NvEugYDH0VgaIT
+cMHkF3X86m7vvfe2TwTppJNOMvFmXS8inhRnhI/QCGudDzroIPtDSv6rQn4WXi655+qrGsiX9Cg9
+j9spJ2iUpV28SKXs4PWTWAfNkjv/aTd1MAkdfPDBgbXSlEXE6Rf2/Ac4TFjdunULL7zwgok0P1Dh
+xfI88hIiIvFwFBvEr3klj8MquWbcCsbeJNAxGPoqAiJQ4UUjRv4LO27Pe0XxWDxDHpqVEme4IXAu
+iPxtDpbwIXguruRx75Xvnpd9iDPhExKimPSO/WEbgsafFSXu7eWt0Lw39uGRUzcJW8nEcYQeO6ws
+IVE/efmTqfzJ03KJCYf+82IJHe3h59r8vQ0ehHryfWz791LHq5toKKu/ZgcFJREQgfkIIGQ85GI1
+AoLoQlOdqFAGEfM/Czqf0Rp2IJSIcSnxRbTjf9aznCkEH4GmLaXsUI489INf+tE3/hqdTyTs4xh5
+KO+fCDjeN380iXa6J0678LjZT8JW/G9R13TcCpV5k0CXAaPdIiACFX/9DVFEkBC96sTZeSFIiBq3
++C56CF0psSQfLxLCjLCXy4ct4sG1TYQlaEspe27Dj8fzsK9cog3eZu+b52VCIJVjVNNxtxP/lEDH
+aei7CIhASQKIUlzESmaK7UQcye/iGztU8it5EUYXsVKZsEVYgVc5u14nv4yszlYp+3ncF/WnUcX0
+lcfWqU0iIAILJAGEsj6pnPDWx9bCUKapPxVdGDqjPoiACIjAwkSgqa/li3cqPvv5jMY+/07eeJ54
+WX0XAREQARFoGAJNk4HupNm4EMe/J/NpWwREQAREoGEJ6I8lNSxPWRMBERCBBiMggW4wlDIkAiIg
+Ag1LQALdsDxlTQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk
+0A3LU9ZEQAREoMEISKAbDKUMiYAIiEDDEpBANyxPWRMBERCBBiMggW4wlDIkAiIgAg1LQALdsDxl
+TQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk0A3LU9ZEQAQK
+QoC/jx//G/lZdFsCnQVV2RQBEVioCSDMrVq1sleWIt2gAu0N5Q/78x8B6A/8L9RjVJ0TgUISQOfa
+tWsXPv/8c3vx3bWvoYE0bQiDNA5BpqGkmTNn2v/Qy/93yP/uO2XKFPsv1RdmwYYBfWVWhQUM6He8
+z+Rp3ry55eF/MJ48eXKN/y18ufPjAyJuv1xe7RcBEWgYAlx3/K/iH330UVh33XXN6Ouvvx769+8f
+pk+fXuV6b4gaUws0QoPoIMYffvhhyTbx/x527NgxTJo0ycSrZKYFeCcnjf4PGzbMJiLvynLLLWci
+jWB7ni+++MIPh8UXXzy0adPG/nv42gqt22nbtq3ZgSmTQW3LV1auLyIgAnUmwHX38ccfh7/97W/h
+sMMOs/LXX399OPnkk8OKK65oGteQ12KqEAdigTjjCX766afhT3/6U3j66afDJ598Yq7/G2+8Ea69
+9loTD/bROQQ9mbDDq6ZU23w12UkeL2e33P54efLgNX/55ZfhoIMOCs8880x4+eWXw8CBA8Nnn30W
+FllkEeuz5znjjDPCK6+8Ep544omw2mqrha+++spm5KTNUnWzj4ngm2++Ce+99569hg4davs4lkyl
+bCTzaFsERKB2BNA6whobbbRROPTQQ8Oiiy5qL76zD+cL77ohUyoPmlv6GTNmhB9++MGEefPNN5+v
+bWuvvXbYYostAsJ05513hhVWWMEEnVmGF53GDsLNLcLs2bPn8wZdmMhLIg954wkbeKoc4+WJfRzD
+Bp4mie0mTZpUbrds2dLKTJs2zeomL3moj/KzZs2yfrI/mdjnJ2WZZZYJm222mWVZdtllTYTffvvt
+wH7Ps9JKK4X111/f2nPXXXdZXurx/sTr9X76pEY7Bw0aFPbdd9+w1157WVtheuuttwbqi7ef/lFn
+Te1P9kfbIiAC+SFQb4FGmPCI33///XDbbbcFF2c8u2effdYEDTFCsHr37h3OOussE2iECPFAlPjk
+dsETQta6deswceLESqFEYNq3bx/GjBljXqrnxTaTA6JEnlGjRlm5zp07mw1Ejf3EgX/66ScLJTDj
+sW/06NFmr0+fPtYGvHsS24gisfSpU6faXYHXx+0LQs1+bMSTCzcTgE8OnTp1Cn/5y19sckIoPQ9t
+JmHH8/ox+ul3I26fCY0EExd5eO600062/5133rFPeMICW3VtvxnQmwiIQLUEuHaJNb/00kvhhhtu
+CIcffrjp1I033mj7sghx1FugudVGNEh4yaTBgweH1Vdf3b77G94dHh9C8+c//zmcc845YZ111gmE
+P0hbbbVVWHrppS12gzdIoqPYdm/ygw8+MJHeb7/9TNi5rX/uuedMiJZaaikTO/dSKYeYUxYBXGyx
+xULfvn3NWx45cqR56gjxKqusEvBuyX/IIYfY54svvhi6du1qDwBoB14qk9C3334bnnzySbNJPYh+
+XKQ95sQn+317k002sYnpvPPOCxtssAEmK48lyxOL9hi+1zt8+PDw6KOPWjn4uSfNxObizncS9jiO
+yPMAg+R2amq/ZdabCIhAjQR45tOvXz+LOf/3v/+1/Fxv7OOYX/s1GqplhnoLNA3BY8NbQwxJeIUk
+Zpkll1zSYqUPPfRQ6NWrV+D23G/jEWfCHog1QokNjg0cONBmJgLweMjsI4575ZVXhh133NFsIkjj
+x48PeI6nnHJKePfddwMP466++mqr9/HHHw977rmnTRpvvvmm2WMbkTr44IMD++6++24LCSC6Xbp0
+CRtuuKF5y4ggIk4sff/997d245lOmDDB7hROO+208Nprr1l99LXcyUAoaTtxZ+JTCLRPZqXK4Bkz
+WeBx09aePXvaRMQJp/+XX365hTGYzO6///7ApIQdXieddFI44ogjwqmnnhp8wBBOOuCAA+zOpT7t
+t5OoNxEQgWoJ+J1vtZlSHqy3QHM7z238999/H7777rvQo0cPE0gEGYHDwyX9+OOPFtrgO0KEUONN
+8uSze/fu5gny0AtbxFERacTsmmuuoUjg9gFhJY0bN85CAAgUIRWOIfBMFL4ighAHCQ+fxOoRvGBW
+kvhEwnf27bzzzhbiIB9iSrrgggtM+JkIEGYEu1u3bmHjjTcO//73v837x4NG+Ah5JBOiiXdLmGfA
+gAGhZyS23BngzZZLiDMifNxxx5noIswjRowwIV5rrbXCZZddZuEcQjHUCXvqJ/m2e9IXXnhh+OMf
+/2h9rU/7y7VR+0VABILpBmHZiy++2BwjmFx33XX5W8XB7OEChbggxIgGni4rORBoxA4PlbTGGmtY
+6AIxPf30002cEVy8aMQdL5BlasSg8TpJe++9d9htt93sO143godY4i3jpa688srhn//8ZxgyZEhl
+W/xBoM9u3kbiR77PPXm2n3rqqXD++eebneWXX95WYiB2nATqJvxC/yiDh33RRRdZOxF4DzlYA6M3
+7PFiIsDTfuGFF+zQdtttF4488kj7Hg9tuKhus802FgZC3BHh3Xff3fgQtydcw6TD3QIrZZjEGBye
+LrnkEsvLyhAmK1aSUD/txw7tR+Br0363qU8REIH5CaBvvoqDJXYdOnSwF3rFXXgWqzgaz9+M2u1B
+THigRbyYkAGNfPXVVy3MQdwXMUWIEY5//OMfFpJANIjLsryMRHwVcSTdfvvt4YEHHrDvxHlJhEGI
+qeKxIjLEohGoY445JrA4nPp58EeiPfFP26hmP8d5wEnYAI8foUNECc0g5oQlWDJHOv744yvjw0w0
+JIQ/Lra2M/ZGu7fffnvzwBFzvGOSTxIu5OxDSBFh6mXyIfTCIngmOEI2JMI4hF1I3lds+CTB4CCW
+zt2Bt5+JknTCCSfUuf1WUG8iIAK1IsA16dd2rQrUMlO9QxzYR6AQSW7D33rrLQtd8GQTj5AYMg/n
+ELzf/e53Jhx77LGHedLEnEmUw9MkHIHn62KLoOF1uvfNqgvEndULeJ3EuI8++mgLX3CMGLcLlRku
+8xYXNrLQdtKWW25pnjR2SNjCYyW+Sx8RYzxRkodQuBOgLeXqJZRDuueee2xCYSIjxkz83JOfUEI9
+JFaicKfAHYV7/sTYuZPgISL9Jrnnnfxen/b7w0YzrDcREIGyBHB8alrF4ZpS1kgdD9RboBEXhJUV
+FYQYSKyOIB7Di4TIIaQ9ozgsoQ9eiKQLDE8+kwnBQ6yJCXuclW2EmHKU58XSOV/1QL2ekiLs++Of
+nsc9YGK1JI9DU697yl7OhcwFGQH1mLbncbtsu8Aee+yxFrfG3oEHHmgPAzlOXhdoj5cThiD27AzI
+58vx6DsiTfJycRvsT9t+bCiJgAiUJxBfxXHTTTfZdZzLVRzEiomJcvvMigFEhQd7CAyeMcJCrBSx
+Y3kdn4QsCE24wNxyyy3mufKADxFGMPFMEZp77703HDzv4SDeKGETbOJ9M0sRv/aHjC60YHUBdbHy
+bY55vXyPJxda6iYh2H/9618ttOKTBALNCxHlISXJRds2qnm74oorwlVXXWVeOHcHJMTVBd1nXdpM
+P8eOHWsPI8jHQ07aQNvj3jfH2Bfve1btpy4lERCB+QmU05T5c9ZvT708aBrlooZAeEyZVRF4z76C
+gyZ5Pv9OrJkHe4QzeODnS8O8+XjZDz/8sG3y0JCEaPGDF+LQnlizTNjgkUceMc/UQTFxkAi5kPzH
+HXx3QeR7PHlZ1nGT+Hk2DwB4IBhPO+ywg9VHjBwP2ct5nuQ2+1n9QR8J++yzzz6VYZx4Xn4mTiKk
+s8suu4Szzz7bJiP2+fppxJlwB4myvGDPjO4p3n76UNf2ux19ioAIlCaAg0W4laXAhHNJWa7iqJdA
+I3R4fcRjeLjGD0gQaTzkBx980B6uIRwcR5QQEh70+Y9T+ESweGDIQzBEm7TtttvaAzPWKvNUlB+5
+8AAND5sHg4giIRUehvHbdxJxWxIeNYmVGDxcQ8wQVISdFBdE96r9k7YRK+dh5q677hp6RiGZo446
+ykIKPOTkxyv0kTAFebhrYAWJh0bcNp/YpL++D9vElPmxDg/+iBNzjBd3DSROsNfL02FiXazzZk30
+gOhhK4ltn7hgT3nOAxMATLhzYdCw8oT6CC0xmGg/ws8DxlLtLzdpWaV6EwERqCTAnayv4mBRBE4c
+ie8sL0bXuL65fhsq1UugqZzbe7/950cSl156qS1D4yfIvFyoyEuDEVs8SeLOzDwIOYKBUG+99dYm
+OAgbCbEh8QARb5vVIHitiCP1egwb7/nEE0+0vPfdd589mMQzJ78nv+33kAf7/QGee9fYZB02sSS8
+TlZw8DCQlRcInd8FIMjEwkku7nx3kSOW7G3zuDKTCt4siRUaTB7Yow3eX0JFTHTUy0TBJ+W8Xo4T
+z+dOgn7873//s0mCUAt3HDA888wz7eemiPTAgQPr1H5rnN5EQATqTQANcKes3kZKFGwSCdrAEvtr
+3EWDEF5EgpmDGCueJqKCeBEv5kEeokcMlqVseNQIGD9uQayYbRBJBBKPm6Vi/PU7HqxxjJUTrILA
+O0Z4ETQElx+23HHHHRbawFv0fHiMCC3tQkzxzhEzRO/rr782D5T12gga7eTvhvDLPMSY+rHz2GOP
+2U/WmR3J4w8oCZkg/PxYhfXQeLEuzPSJvhJyIS6OiBOCwXvFNm3BNssI8fAJwxC+oW388SMmKiYs
+uNBP6qUP/NSbpXLM0PyikL4yKSLYJI/B82MaliyyhppzQcgk3n7WUnNXUq79NZ5sZRABETCdYhkr
+PyzDWWLpK8+k+Lsc6ALXtjuEDYWrUSSE8/+JtjpYR4xZXcCtPLfanugIYugJ8ULUEGMECgH3GDO3
+4IiMJ+8oeeN/W4LjCJ6HNfDGqR8RxSYiRkIM+Wl3MiFweLYeq+U4njnlEVtsJetD3PlrfZ7oB790
+dO+X/cyc2GXi4ISRsOd/A4Tv5GEy4hbJk//6kfrxspnMPHEMgSYx8fGwEMbYwvtG2En0CY5MTuTD
+wyZG5qk27fe8+hQBEaieQPw6JmTJ9cidPs4n1z7bDZlSCzSNodF4faywQGxYhYAHiGggPO4he8Nd
+0DiOUONxInB4vwifx3bdNvnwUskHBEQasUMose1QqJ96yed1s+12fHajLPZoK8e9PPl8wiEPnjt1
+YJd+kNdF0ozG3ugTNilHIi9hirhtvnuohfy0h08Sn0x0cMDjpR68afrBxBZvJ3nZj30mKyYVbNN2
+jjFZ1bX91gi9iYAI1EiAawxN8L+CyR01OhG/1ms0UssMDSLQXhcCgUgh1i4YiAgdKtV48pOXF3nI
+i+DGvVNse3nECzvk41Uqn9ePbfeMyYcNXiRs8IrvswPz3jwf9VHWbXnZeN7kd28TZcqlZHs8n9dL
+GIP2wYJ+8j2ZyBvvK/k8uZ36tN9t6FMERKA8Aa4xd7ZwMktdo+VL1/5Igwp07atVThEQARFYsAm4
+I5SVOEOn3qs4Fmy0ar0IiIAIpCOQpTB7yyrWtfmWPkVABERABHJDQAKdm1OhhoiACIhAVQIS6Ko8
+tCUCIiACuSEggc7NqVBDREAERKAqAQl0VR7aEgEREIHcEJBA5+ZUqCEiIAIiUJWABLoqD22JgAiI
+QG4ISKBzcyrUEBEQARGoSkACXZWHtkRABEQgNwQk0Lk5FWqICIiACFQlIIGuykNbIiACIpAbAhLo
+3JwKNUQEREAEqhKQQFfloS0REAERyA0BCXRuToUaIgIiIAJVCUigq/LQlgiIgAjkhkBT/y+a/I9P
++2duWqiGiIAIiEBBCPjfmPbPpv7F+8+2RNpp6FMEREAEfhkCcS3275UCHRdm/z/z6tssCXx9yamc
+CIjAgkbAxbQ+7fayrpm+jS2+N/X/5DRp3Ask9/t2dcfjlXh+fYqACIhA0QjUpIXljvt+E+hSYkuG
+Uvt9nxsoGnD1VwREQATqSqCUXpbah934fvtPY+M7aqqYvC7SpfL6sZrylSqrfQ1HwM8DFutyfhuu
+BbIkAsUg4FpX3XVW7li5/ZDjWGUMmh3xi9oz8OnJj9dk1PNXl8/z6LPhCHB+CFk1adLEXvBn35w5
+c8KsWbPsU+ekPG/n17RpxX92Xxtm5IXp7Nmz7SW+5fkuzEdqe95rypc8XjES55FLHnRBdrDJ475f
+n/kg0Lx58zBz5szwww8/hBEjRlQ2arHFFguLL754aNmyZZgxY0blfn2pSoDJDT7w43vXrl1tomOC
+KzX2uT5GjhwZpk6dGjp37hxatWo1n5NTtYbabXldyeuvdqWVa0Ej4Oe7VLsbrbrqqtE4mFvqWMl9
+5K3OYMlC2pkZAT8feHJDhgwJHTp0CGuttVZYYoklTDCmT58efvzxx/Dee++FYcOGheWWW848PS+X
+WcMWIMPOgskNoe3evbvdbQwaNMgEG7Yu0p6X7WbNmoU+ffrYxIeo8+J3BZ63PgjcPtcY3327PrZU
+Jl8E6nouGQP1ikHnq9vFbg0nkZAGYrLPPvuEAQMGhCWXXNJEAy+QQTFt2jTzqF9++eVw8803m6gg
+InUdMAszae4+YLjllluGnXbayTzoN954I5x22mlh7bXXDkx07pjAG6aI+b777hs6deoUnn766XDu
+uefOl7euzKhjwoQJ5pUz2XLXk0bw61q/8mdHwMdPXWqoEuKoS0HlzQcBvLgvv/wyHHXUUWGHHXYI
+rVu3DmPHjg3ffPNNmDJlil3g3Kr37NnThJvvF110UVh22WUtLl2qFz6QEPDapvqUqa3tZL6a6qrp
+eCl7lCG8gbeMWJO4EznkkEPCgw8+GPr27Vsp0uSFDRMgefGaKUfyum0j9hbfX4orx4ljk0488UQ7
+V6+++mq46aabQo8ePcqeK/K77VJ2Oa604BKQQC+45848Z8R4/fXXD5tvvrmFNL744gvzkt98803z
+8hDwlVZaKey3334hCmeFDTfcMAwePDg8/vjjduFzW++JvCT2cdHHtz1P8tPzIC54ev6Akgds7HPx
+oJzn5VgpMUHkXKiwRWKb/eR3+5T3Y3E7br8u7TdD8978joNN6sB73XbbbcMrr7xi4kzfvF3k8Tax
+L94Ojnmi7djFHvn4Tjv57u0kL/u9/qWWWsrODedy0qRJNgl4n90un2n7G7el7/kkoD+WlM/zUmOr
+EAQufsR2jTXWsNjzxIkTzdt78sknzUNeccUVw/LLLx++/fbb8Le//S0MHz48tGvXLmy00UZh/Pjx
+laKCMCA+X331VXjrrbfs2Lhx4+w79jmGUMZFyIWTuCtleChJ/XjzTA6EBBAQypAXQfrwww8tL+EB
+9iXT119/bcexw3FePIDDPvFzPFy+jx492uryyaU+7U/WzXayf4hit27dzIv+4IMPKvvjZb2NpfpC
+HvpPW+Hx/fffh8mTJ4fvvvvOtplY8b6dD7zeeeed8O6771o/6Rt95zV06NDKtpG/ofrr/dBnfgnI
+g87vual1y9q2bWsXLRczQoBg471ykfNCZF577TUTOUIcrDYgxIHgISLk4QHj3nvvHVZfffXQsWNH
+q3vMmDHh/fffD3fffbc9OEMY3AtElD755JOwyy67hHXWWSd06dLFJgzCKgj9E088YQ8niYcTU+X4
+BRdcYF7pCy+8YEJLPdhDCBGrk046yeK5iPDzzz9vAk389w9/+IOFbR544AGL8/br18/afuedd9oE
+RVgHb5MYfE3tj4twEjB9cgGkHz/99FPo1atXWHPNNc32M888Y56thyKS5ePbTJ7w4c7m6KOPtpAF
+fUSIEekXX3wxvPTSS2GFFVawejhnv/3tb81E+/btjQnn6IorrjCRvv/++82bJpzC+WIyK9ffu+66
+y9rJ+aquv/H26ns+CUig83le6tQqPE5EA6FGoP75z3/aJ7foXKCIwsorrxweeughEwU8WC5eEuLI
+Ng+4ECIEwD1cxAkvnPjr5ZdfbiJLOV54dWeccUbYYIMNzCtH7LFFeVaKrLLKKuHWW281kaIeb1ub
+Nm3My2ZCYPkf7XPRp41MJggjnjmCtvTSS1sseNSoUfa9f//+Vj/1IfBMIuQ777zzLB/fq2s/balO
+tPwYfeROZOedd7Z6ie+//vrrJo6Ib3V2mPSYMH73u9+ZQNNORJU2w4c+EG5iBQjxbfazDBKRJpGX
+F6GO3r17mxf+2GOP2URH++hfQ/XXKtRbbgk0iQbGwNy2Tg0rS8BvqwlZcOvMBb/IIovYRc3F/tln
+n5n3yzHEES8TTxbvlvAGQoaQcEt96qmnWmyaCx/PDiF/++23TchYrsdDKsQeTxpRwas+8sgjLT6L
+WGHj4YcfDqwSwYNnVQNCi8Bw2064BM+dh24I38cff2zhDrxqBIfJBTvE0t0bxotmH0KPSBFmwS4h
+F+qjH4RTCD2cfPLJNlFwBxFvP8Lv7UcY77nnHrsTYCJxfg4Y+yxHXHfddW2CoV3/+9//jBUTzqKL
+LmoT0R133GE8qAve6623nrWZ9jwfef1MaqwG2WuvvcJuu+0WmJDYhg93Dni+nDPaRV4mV/rDOSKM
+Q39gxwoOlkZyLihPmCp5vqrrr58vlgyW6q/3W5/5JiCBzvf5qbZ1iAiC9umnn9rFi5DhrRECIDSA
+R4wwEh9GcPFY2eZCR/zwUrfffvuw4447mmDx4BBPGrsIwu23327Cj0AjIJ9//rkJCiLN8jIECgE+
+9thjLT/C/+ijj5rgEvtGhBDfRx55xEIqhEKYGGgvAsxxRJQ8tGnjjTcO3N4jwoRkEM3VVlvNyiLs
+7DvmmGPCs88+G1gCR7/wcGtqPyKFKFIvYkXf6WM8uUDTRtpOPvLfeOONJsK0FX7cjcAB7rySAg1f
+RJnVH+QnL6symLwoi+jjXfPgFpsIP33Bi2apHvFqhJ39iPVll11m4R3q4hnCdtttV2N//XxV1994
+3/U9vwT0kDC/56ZWLeNWGE/stttuMzHBc0ZcEKUB0Zro/fffP5x55pnh/PPPN68MbwyxI+HtIuKI
+L4LM8jtCCggJgklCNPDCEX5CEJTHE8abxSN/7rnnrAzxUrw+vGA8bTxK2kY5UlIQbWfsLenR+iHK
+IZ7EhLnN7xktFySsgnDzAK6m9j/11FNWlnYgioRKsFdTireX2Dfl6B+hDsQUxs7RbcEMEYUBQk2b
+8arhx+oZyvP50UcfWagJzsTo6Q+TG+EpwhweC8ce7SYPdRG75nh154v+xs9XbfvrfdBnvggoBp2v
+81Gv1iAWeM3cQuMF41EipnhS/ss4bpuJJ+PN8sAJb5vjeHEkbrV333138zTxaBEExADPjVtpPFtC
+EiQEA08YMUKIERFEgURbCLcwYSCohE2oB5vJFBfB5LHkNp42dfJC2LCHWNel/X43wSRUU0IkqYN4
+MVx5mMcPWLh7OOywwywGTL/iCc+c1RnsJ8TAHQoT5jLLLGN86AOiTciEB4iIMueHfhCvdw8dmy7S
+xNhhymRHvrr0l/PFT9Fr0994P/Q9PwQk0Pk5F/VuiXu7XIhcyDzc4heDeIyIJV4mooBA7bHHHiYM
+xGq54BESPEKEiFt7RDPpzbKNMBImIFGGfQglgpT0kjmGsPBjGcIgCFdNqSaxxiZ5fPJA+BG3urSf
+tiCS2KpNIh+CCsdrrrnGGCLUhDW23npr4xi3BUdCE4Q4vCwerHPzvPCADxMfE6Hnp02eJ94+9nFe
+6S8rcGp7vugvvErZjNvX9/wSqPnKyW/bC98yLjwuQOLACA9eNGJAeAMvDgElRIFYH3TQQbaMDjHd
+YostAkux8AaxgUggJHjR3P4nxZJtRIWQQjyxnxc24mVoC7fhiBXf+bFFqVQf4fAy1Edb69J++ojI
+way2yQWdkM59991nkxw29txzz3DllVdW6bezcNts4/2WSt4Pjnkf+B7nyLanX6q/Xp8+80FAAp2P
+81DnViCqeGDcxhJfxrPiwRsPnAhHuKdJaKNn5Cnzk2E8aR4eIjaELxBcBATx5YESy+YIfXDrjX3E
+CRFEbLHnnjLeKwnPPV4X+xAS7HF7T8zUV2BwLJlcjFx8ksfLbXt+wip4lrVpP30hXMNdRjnRLFUf
+4kkd3H0QHmJVCQ/qCFsQ8sCbdbH1JYqcF9rINnFn6oYnibzUTzgD759j5Iev20m2A1v08Zfob7Ju
+bf+6BCTQvy7/etfOxczFzcXLAzOEmoucWCYPovCeOc6Li5vkwkpZxMqXwHEMjxsbCAefiIh70ywN
+Q2AIc5CIayJaiA/eOsvdEH3Eijw8fCSejUfPigw8TdZS0xbs8OK2nnbRFiaXcl62VZh4o8/Uwy8T
+mUxINbWfvtBeytY10Ub6xkO8q666yvpFSIhQB31xcaV/cGVyIj93EOTjByk9o0kSIUaU4cWDQUIQ
+nBMe0LI0Mt42vlMvkyNtp7+s6mDJIon+MmmUO19p+ltXPsqfHQGt4siObaaWEQW8V2LJ/OgDwUQQ
+iTGzpIslaMSHuaARCOKoiAQXPaEMRBTB4iEWYoKnfcABB5gHTjlirwgHy75Y2sbf8sAWsWzW5/Id
+gdlkk01McPDGmRT4MQeisemmm5qA8Z22UScChXDwkJE6/MVEgfgRnkHkaGNNyfPUtv0sC6QNXq46
++6Xy0C7ajmCyNpmJgfbiJbuY0n/WfrOkER4cHxCtpEGwicfDmSV25GOlB2LNj3JghkBzTklujzqZ
+uGDNPiYDVtH4+WKFDndMpc5XXfpbHQsd+3UJaB30r8s/Ve1csFzkLpx4VHhs3H7jySGgPPUn5swF
+63Fp1uLy4wi8WsSE23ZEk9t/X3GA8CD4/JW8zTbbzOz4j1f4oQm2KI+wkI/bb7w8hOfAAw+0yQCB
+/+9//2ueJCKMmNMeJhaEDKGi3l133dVWntBmRIkJB9FCEGkbkwKeJuug6St9RswQfyaL2rafPns7
+Ebx4oi4mNZYQUh+TCm0mTOMTB3XiFbOUjfg9L+40OA+0mSWH7EM06R8s4cMdDn2lDmwfd9xx9kCW
+fax0eT5aigcH2kR9W221lYWTYEGdxLyZMDmfDdXfeN/1Pb8EFOLI77mpsWWICKEFhIcHgXjPeMLE
+SBFVxANvEEFDHPD68Lj5GxY9I28aAUBUiU8feuihJrisTiBEgm3KIZqsOGBlCJ4gYoEw33DDDSZW
+xLL5exP8Ao8y5EfcEbt7773XQhzUhfjzwJKQCMLKD0y22WYbEzfK8AAPb5FJhtAH4kXiO/Z4IYQu
+rLSdY3VtP7zcU00Cpv1eH/XAjHo8wRLvFcHlByxMhv6g1VfSwJwljtdff73xIZTBj1+4g6FPMPWQ
+DoLOckRWz3CMvuB58+MWYve8+PskTCr8TQ4mJ1jV5XxV11/vlz7zS0AedH7PTY0tQzDcq+Mhn/8i
+zQUIccHzJGaM14tgurCQhxcXPMf5k5qIEzYRQhKCznpdBB0h6RkJLWU4jpjwB5EQMsQJMSNxu42X
+x4RBexBkxAcvlNtzhJv4M4n2Icq0nfwIF/uoE0+StiHYeI6UYyKiP9RHveSta/spUyrRb154+NRH
+6IGftPNjHCYHnxi8v4glbSFMxHf6Rrydbergkx+4IPq0F2bYJ8yCAPM3OK699lr7lWT8fOFxUy93
+GfDgGJMXoSaEmv2wqO35KtffUgy0L38E7L+8yl+z1KK6EEA0EEyEECFGEPDuEEUEgguav/PQMxJY
+jwm7fRcc8vEQCoFCVBFc9+Z6Rb9UxHMmD4kyLsjEVPnO7TxChpggQNSPmOBxIkxeDzYJfeBlIq4I
+OoLs4QLaScjERRwR5KEafcEL98kjTfu9bPKTdlIfP77B0yWMw6RF2+OJbfYzuZCX/pOX+LQLIrbY
+T38QcNZP0ycEmoebhDQIgzhTt085bCD2cECkmSxoD3VyjPNbl/PltvW54BGQQC9456xki100/SJG
+GLmI3dvloubi5hY8meJlOY7QkxfR58XxUuUQE6+PMnh75Eeo+U4Z8sQT+Unk5zjtcg+VeshPWb6T
+2Ebo2GZ/qcQx8mC7Lu0vZcvr41ipPnsZr9MnDHjxSib6R95kf8mXFGcvSxvoC5MFbYBPPHndDdHf
+uF19zx8BCXT+zkmDtIiLnBeJC5pXbVJ9y7lQ1bauuuavTdvJU9/219Z+ffPVp7+1KZPX/taXk8pV
+JaCHhFV5LDRbtRXKZIfrW66U95i0Hd+ua/542eq+17f91dlsiGP16W9tyuS1vw3BTDai/wpNEERA
+BERABPJJQAKdz/OiVomACIiAPGiNAREQARHIKwF50Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
+oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
+rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
+CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
+BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
+0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
+4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
+BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
+oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
+rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
+CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
+BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
+0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
+4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
+BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QnML9CNCs9EAERABEQgFwTmE+hGTZqGRk2a5KJxaoQIiIAIFJnAzwLdqFGYO2dOmPT2
+22HasO9CaPzzoSIDUt9FQARE4NciYCrcKBLj2VOmhhadFg1b33lzWOusk8P0Yd/Lk/61zorqFQER
+EIGIQIWbHAn0nOnTQ9OWrULXfsuETj17hJmjRwSEW0kEREAERODXITBPgeeGRo0ah7lz54RZ02eE
+WTNmBJ4Vzo3+KYmACIiACPw6BGIuMmIcyXLjRpFYR/Fo2tNA+oy9eGI7uS9+XN9FQAREQARCaFoV
+QuRJRzsQz6bRvybRao65c0ur9JzogWK5Y3Gb5CFvXJRnz55dZTueX99FQAREQAQqCFQKdIX/3CjM
+jgR1eiSgw8Os0HnC+DB3xkwTU4TWBZnPNm3ahGbNmlXuKwc0Lsyep7Fi247iV/nknHAOajvJ/iqN
+VKUiIAI/e9BR0CHMimLQbZs2C01btwnrbbhRaNFlsRBdxYbJxZkNLu5Ro0aFcePGhaZNm5YUabzv
+sWPHhrXWWiuss8464d133w1PPvlk6Nu3b9hhhx2s7F133RU6duxoQqFz8csR4A5mwoQJoWXLlqF5
+8+Ylz98v1xrVJAIiUI5ApQfdJBLdSbNmhh5t24UO3VuFjrvvHpq2amlroxFn94T5jii/8cYb4dFH
+Hw3dunULHrKgErwyEvmnRytDWrWKbEUi3Lp1axP1/v37h0UXXdREYerUqZY3+UZZUrxett023709
+yf1se4rnwRav2qSGKBdva7JOv4Oork3VtYFjpDifZH2l6qAc+bj76dOnj02So0ePrjaUlWy7tkVA
+BH45ApUCPSfynttE3vP3kyeFYSNHhfeffyGENq1C3+hC7t69e/joo4/CTz/9ZGENLvTvv/8+dOrU
+yYQSgZ4RrfzAa27RooUJB+Lht9GzZs0yYcBbI5Gfl4tIsruICC9CKHxOmzbNsuDxuXDNnDnTJgAm
+i3idbou2UNYnAfKwj3qrS+ShvUwu1FWbcuSjLzCgXXynrSTa4Mnz0R/aAQ/6mGyTt9P7nWwDNnlR
+lrZSL3mcDfVTlmPs9zrYjyAjzltvvXX48MMPA3cxnN9kG7zN+hQBEfj1CFSu4pgTCWqzaKnd2Jkz
+wtfjx4bHHrw/3H7bbWFMFKYgffPNN+H2228Pr7zySnjqqafCjz/+aBf/8OHDTZAXX3xx88wQcRcp
+91gRDpJv89338T2ZEBLEixDJxIkTQ+fOnW0ymDRpkgkP4RUEZYkllgjt2rULY8aMsTqx6RMDt/Dj
+x4+3ckwklGUb2+US5Wk/gte1a1crO2XKlGrLUQaxHDlypNmmXPv27U0IKUt93ia4wAsPlnzsp754
+Ij/9pr30m9fkyZNtn7edT/gQYqLuxRZbzOqhLYiy1wEfktfBcV6U9xcTnJIIiEA+CVRenUgo656b
+Rhdwy+ii7d5q0TClR5fQbN4FjEe4zDLLWHjCPTjEc6uttgorrLCCeYyI5g8//BCee+4581zxBOuS
+yI/QbbfddqF3797hiy++MG+vQ4cOZmbEiBHh6aeftpj2yiuvXFnnd999Z3UiiHiMCNeyyy4b1ltv
+veBlEezXX389fPrppybq9CGZyLPZZpuFFVdc0UIzHKePb731lnmbTAbxci7O9HunnXYyPggneRDF
+l156KdA2BJu2tW3bNmy//fYWFqKveLmff/55eP75560+RJNJhLj9aqutZu30NhDDx+OlDMzxgr/6
+6qvQr18/Cx/B5c033wxLLbWU8SP0RB3cCQwaNCg888wzJuRHHHGEtQch53yefPLJNum+//77xkqe
+dHJUaFsEfj0ClQJd0YSK9c94drOmToq80opYMccQHTxLLmCO48UiNmuuuaZ505999pnFmrnoEcl7
+773XyiBitU3kpQ7i1niFfOKp473jDS699NJht912M+FBrPGc2UdcGyG6//77rX2I1jbbbGP1I8gk
+BHvLLbe0iWPYsGHmxbrYImT0h4eXa6yxhnmgCCf9oNymm25qD9W+/fZbE0Mvh6BSbueddzZBRYzJ
+Q4ydNsAHDogudey4446BO40vv/zSPOJevXqFtdde29rMpIY3izAzSSDon3zyibGmf7QBD5w+Es+H
+DxMGkxFhC/IzidKHeB09e/a0Omjziy++aO3DKyesQbvgyCREX71ftT1fyicCIpAtgYRA11wZQoOn
+iQeHF0ss+uyzz7ZbbsT12GOPNZHBCyUkUheBpnZEzycBPMbrrrvObvOJox533HEm1AjNjTfeaJ7g
+kksuGY466ijzHPFQEZv111/f7Nx6663htddes04hznvuuacJMN4ieUm0j/oQPR5m0h9sf/3113Z8
+jz32CNtuu60J7gcffGDlyE878UIRSYQWoTznnHOsDG/HHHOMeeII4R133BGOPPLIQFsJEd1www0m
+2Issskg49dRTw0orrRTee+89azveM0J855132j4mno022ijsv//+5ln7JMQkiWf8r3/9ywSZc0Jb
+8aDx3OkDfWOSo12cD+q49tprbeJAuOnrNddcE1ZZZRUTaGwqiYAI5IdAnQWaix4xQDQQTW6zCXHg
+tRE7xYtEuNmuT3Lx45NwB54oHh+CiZfILT7fERxEllACDwIRWAQG4SE/oRY8ywEDBpgA8x2PEe8W
+IUZcEVnK8ELIHnjggYB3zV0A3i4eJfFi2kLowicb/6Q8Akq7iCkffPDBFrIgBowtJhjq6dGjh3ms
+5MN7JvSCt0s+7hCWX355azNiT0hmyJAh1sdVV13V2kAfCc/QBtpP/bRt6NChJvp40/SBycDrWHfd
+da3tiDD1cCfABEFeuJEfe4SS/GFjfc6XyoiACGRHoE4CjTBwYSNMiAnf8fh4kdgmDxc8glffFLeD
+wOFRuijySSiA/XjsbPsx8vkSPiYIPG4/hk3ahIdN2xF17gbYT3+whWARo0XoKOft8O/k9+Tl6Cvi
+ufHGG5vnToiEiQChx3vHLqJIPsIIv/nNbyptY4u+UL//8IfvPBQkL33kxeTz8ssvW17a6InvtIk6
+mHTY5rXXXntV6Xe8DsTeQxn0AQ58KomACOSPQJ0E2i/k+CfeHhc5whJPCAG38J43fqy2372sC6SX
+K7ef4xyjLXjfeI8II4LkQo2HiUfs4kwZjiGKeM2Ebohb452ykgKh33DDDS0P5eIJuwgpP8AZPHiw
+xeOJlXfp0sUeZCL0Dz/8cCUfOBHbjrOivbyIBeP5k7yt8e/kcWG1TNFbfJ/3sVwdHCdeTn8o5yle
+l+/TpwiIQD4I1EmgaTIXNBc4nigix0Mx1tIShyX8gDDj9XHr7N5s1l11wUGMCbOwTVuIrxKTdQHm
+GOJICMb7wTaiRj4Elf78/e9/t7ANq0jwjEslyuOxE5LYd999LaTyyCOPWJ8JexAPXn311a0u4uh4
+uYQ1HnvsMRN/wh60EWEm9YxCMxyHHR4+EwZ8qYeQEg9jmQyoI57oK/kI4Xgd5OHBarIO+o2n7rz4
+hBl1KImACOSPQFW3d772VYixX9BcyHhiLBvDY0SI+Bk3KxEQB8QFQePBF3FVxJoy8fJUwbbvS1bp
+YhE/Xu57vCx5CGEQn8Z7ZsLgVh8RRITxTo8//vhw0EEH2eQS92Kx4+1EJPk5OitE8KYJWSCA7nV7
+neRHoBFNHkqyysKX9BFXRlRpE2VJQyOPnNgvDyqJBXv5Aw44IJx44okWoqDteLmsTCFsxEM9Hkwi
+tKzsoF0IMQnb/qIvtI+7GeogjIIN6uAcHXjggVYHYsw5InGMcoRiOHdsK4mACOSLQDUedIUYE78k
+rsnFjDgjCsREEYN33nnHBJoVBoQTuMjxREksEUMcECiPlbJNQiiwi71kciEkD3VSH3bZTxn3+NhP
+4pP9vMhHXcRrWXmx+eab2xI8whrEgYnTsp4YkXJBog0IO+1HrHiY9tvf/rbygSICTF4mJa+PT8rh
+jcKBJYY8tGQFC5MD9liHjJjCgYeor776qj1IxD6xcY5RnnwIOvboG6s8WAfO0j08cPqHZ4+XT79I
+zsDcj1kAAEAASURBVAG2HKcsExAxb0IYyy23nLUFsY/XwYTCuaNuJi6W75111ln2K1HCOog7tpRE
+QATyQaBJdEEP5H9OmTN1WmjRuWPos+kmYdr4CWHwXXeHZksuHjp37GSCgHfHwy9EhIsYESIEgPgR
+ayacwcWPKPBLQ26x2YewIRKIHyEGbt+J0eKhIm4IoCeEENscR4SoE08U0WU/8V0+WQnh4s82HimC
+42uXESAEl/YgytSJl8jDPEQOT5dy8UR9eLnURX9oM21EWOkr/aRP7hF7WfLDAaGkLvpMn/wHOwg2
+7aA+8lGePLSBOtn3+OOP2wREPlZccOdBm/kFJO0gDPLss8/aChnKIcaUZQUNoab4pAUD6iBfvI4n
+nnjC2kBf4MPkR3vZhhX1cvdAP5REQATyQaBRtJRrbqOmTaL/4ioSz/59w1bnnhXGfvNteGyPfUP7
+6DZ7avSgjIdlfrHHL2Auctb/Io6ICV4uAu0XPnnx2hB2RM+FljJ89+VecRSINPaSdbKfuCzHEDi2
+SXwi4gggdZBoFx4nAkte6kKUEDK2432wAtEbdmg/+RBHRI7vtJE+VNde7NFvF0YmDyYjmCB62KVN
+tBHxRcCZuOgjfWJCoizH+WQfjPyhIbZpNwJOXaX40A/6UFMdlHdm9InvtA02pbg4H32KgAj88gQS
+Ar1M2OrcP5lAPx4JdNu11gxhVsUf1+fCL5UQFC5sDxvg2bHt+REAXuxzAUAQ4ttJu17Gbfjxuuyn
+DvLTLuqiXWwjluUSxynnZRAtkrfV21+qPPaxTVlsJDlQBvvw8nx893Jx2952JgaSi6fzwA4v37ZM
+895qWwd1ez+pT0kERCB/BCpi0NzVRhd8pESVf17Um+ri5NvJTxc8LniSb3u+UuVLCYvn57NUmbru
+9zpcfHw7Xk/yO/XSfi+T7Esyf3wbsSMhuKRSZbFPPkTU83k5KzTvzdtaF6ZevrZ1xPtJGSUREIH8
+EahQE7R5TnSRRv8fYbPo9rtpdOtrmh0iz7eWbc7rRV6fdtWnjGOqTdna5MFebfN53fHP2pStTZ64
+TX0XARH4ZQlUCHQkzo1bNA+zoweFIz7/MkwYPiI06xz9OcwyYY1ftomqTQREQASKScBi0NZ1vOjZ
+0R/H/+jL0KRr9LPhJbrgwhWTinotAiIgAjkgUOFB05BIi1lu13qNFUyY51bzMC0H7VYTREAERGCh
+J/CzQM/r6tx5D7sW+p6rgyIgAiKQcwJaX5XzE6TmiYAIFJeABLq45149FwERyDkBCXTOT5CaJwIi
+UFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUlIIEu7rlX
+z0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwERCDnBCTQ
+OT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMTpOaJgAgU
+l4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlIoIt77tVz
+ERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwERyDkBCXTO
+T5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUl
+IIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwE
+RCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMT
+pOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlI
+oIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwER
+yDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASp
+eSIgAsUlIIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo
+4p579VwERCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARy
+TkACnfMTpOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqe
+CIhAcQlIoIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq4
+5149FwERyDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwT
+kEDn/ASpeSIgAsUl0LRk1xs1inbPnXeI76Tktu/z477Np+9Llmnoba/T66vvdnVtLmWTfWkTLOLt
+TmuvPuWTbUhu18dmskzSZkNvJ+vTtggsqASia4PLI5bmE+jGTZrEDuurCIiACIjAL0VgzuzZVar6
+WaAjr3nOrNlh5Pvvh1lRFny7pK9TpaQ2REAEREAEGoQAWosYd15p5dC4aeQkz61wpU2gGzVuHKZP
+mhw691g67H3qTaFFy5Zhtil5o2DRjnlyTZmG26ZfFY34+VZ/rrUr6zqoOV5n3bbJPTfiUBGeqOBY
+0Y+I1s89ikUvfs4zj2eUPeqptcHMJLepwQo5/3LbnA9vx7w2VG6XbufP+SuOw4Ei5ds4r47KNtZy
+u7IP1ON1VLSx/La3qaKOn9tUdTuyRsaKxFfMxnbNO6IPEcg3gXnjlmu9ceMmYca0aeHxm24Oo4YN
+Cy3atg1z58wx0bZOcJHOnjM3TJ4xI8yIBJuDFWpsV2ZFR+0iiN4qrpx5F0V8mwzJ/BW7KiqpMGPv
+NI5kglJdmVrarLRXYdYu2nlfYwpUsednRZq3HX14efbMq7Li4LxtNjxPyTbHOczL63b49FTFRrSz
+LEsKJGzWZduKz2tAlTqjjcrtlHVYv2J1JLfnmZ+/H9GBWrfBjFYUoEySPXUoicACTgAneebMGWHO
+3DnREPcxHw33VVddteJSQSiiTHPatY0+owx2Mczrdfy7g0ju+zW2aYv3hfpJvs33hmhT3GayjuQ2
+eT35MbaTbYrv83y1zeP53UZym/2+z23WddttePn6blPObTRkG9wW9pVEYGEgwHUSOciNJ06KPt05
+rgh7VHRvnlfZZOy4ny/whaHj6oMIiIAILAgEIpGeyyKNmAf980PCeR2Y2zTahZrjpfhnuc4ljye3
+y5X7pfcn25Xcrqk9yfzJ7ZrKlzuetJPcTpZLHk9u1zV/snxyO2lP2yIgAtkQ8GvPQ57zaplPoC0m
+6reQ/lmuScnjye1y5X7p/cl2Jbdrak8yf3K7pvLljiftJLeT5ZLHk9t1zZ8sn9xO2tO2CIhANgTK
+XHv6JWE2uGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
+ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
+E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
+IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
+CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
+REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
+p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
+IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
+XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
+UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
+AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
+AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
+BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
+QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
+AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
+NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
+BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
+KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
+DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
+VQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFIT
+kECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMi
+IAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJ
+dDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQRE
+QARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECn
+RigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIi
+kA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
+ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
+E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
+IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
+CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
+REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
+p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
+IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
+XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
+UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
+AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
+AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
+BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
+QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
+AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
+NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
+BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
+KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
+DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
+VQREQARSE5BAp0YoAyIgAiKQDYGm9TXbqHGk7Y0aVRSfOzfMnTOnvqZUTgR+dQKNo/HcaN54nhuN
+5zkaz7/6OVEDQqi9QEeDtlHTpqFRkyYmxrOnTQ9zpk41ho1btQpNWrYIiPbc2bPD3FmzfhZvURaB
+HBJAhJtG47lJNJ5nR2N2xowZYeq88dwqGs/NmzevPDYrGs8u3jnsipq0EBOonUBHnkXjFs3DzAkT
+w7TPPovEeJHQevk+ocVSSxia6T+NClM++jLMnj4+tFxuudCsfbswZ8bMEKKLQEkE8kYAsUWAJ06c
+GD7//POwyCKLhF69eoUllqgYz6NGjQpff/11GD9+fOjfv39o165dmDlzZjScNZ7zdi4X9vY0WnXV
+VcuPOrzmyMMglDHpnXdCh/XXDz022zh06d8vtOncKTRv28b4zJg0OUweNTqM/PyLMOzZF8O4V18N
+bddYwwQaj7oyFLKw01T/ck0AgcVjRqDficbz+tF43mijjcIyyywTOnbsGNq0qRjPkydPDmPGjAlf
+fPFFePnll8Or0XheIxrPlMfbljed69O8UDWuvEAjztEt4Jzo9m7Gtz+GFY46JPTZdKPQrmsXG6Az
+oxDHbLzkKDVp3iw0a9kyGsBzwsQRI8NXz78UPrn6xtB86SVC48iGQh4L1ZhZIDvjIQ084REjRoSD
+DjoobLjhhmGxxRYLxJ+nTZtmXjKda9asWWgZjWfi0D/99JOJ9E033RQWX3xxC4so5LFADoEFstFl
+BZp48pzIW5g1cnRY9+xTQo9117aBPGbosPD9Bx+FMYO/DtOiW0BSy+gWsWPf3mGpVVYKHXv2sIE9
+7PU3w+vnXhyadukUGs+LW9eFEBfUwuap0CcufD6nT59eq/6Rl/RLs6hPW+tyfn/pvIgw3i+e8R//
++Mew5ppr2nj+9ttvw0cffRSGDBkSxo4da+cGb7p3795hxRVXDEsvvbSN57feeitccskl5mnjhdf1
+ISI8aQPJz2kWDLD9S48V+kGdjG1i+ZrAGu7MlhboCDYCPW3IN2H9888KvTdcP0yL4nVfPPVs+PTG
+W8OMb4aHxot3DHPGTIxaEg28ju3DnB9Hh+Y9lgjLH7Jf6LflZqFlFLf7+uVXw6tnnBda9u5escpj
+ntgkm9+iRfSAMarTEwOZ15QpUxaqW0r69O6774b27dvbbXV8IHNhceETG/UEE/Yh5gz8OCPPk9Wn
+t5X4a79+/Rboiw5u9Oe7774Lp59+elh33XUDYYznnnsu3HHHHWHw4MEWf+bhIImHhT/++GPo27dv
+2HvvvcOAAQNC27Ztw+uvvx4uvPDC0K1bNxPockLLeGYywFunbvJhm09s05a0CVt4+ry8Hdjl9Utf
+N/SRvn788cc2rhkzCgWlPcMV5ZtEt20Dq5iKTjwPBCe99XZY6cTfh/5bbR5mRIP5/TvuDu9ddElo
+3bdPmD1rpq3a6LDGyqF1r25h5tjIk27RLDRfokv46rY7wpwolte5X9/QsVfPMLdN6/DtnXeHlj0i
+kS6zuoN4IBePv/Bqvvnmm9C1a1e7pcRbcXHywejb8bZXd4x8pY6zL26rpu1ydnw/tpL1uE1E4YAD
+DrAHT59++mlo3bq15eU4QjxhwoTw4YcfVnKABxyw2aFDhyqDPlkH9XvyY2zH+5Y8XuqY55k0aVI4
+8MADw3LRQ18uPG+rH19QPmHBpPf222+HY489Nmy22WYmYPfff795xD169Ai8EBU8QISUh4Z4zqzy
+uOuuu+wYYk0+8txzzz2he/fuZSctxvMPP/xgNpiEiW0j7t9//71NBM7dz5Nvw5R98e1S+8hD295/
+/30bH8nrpkuXLjaesrxu/PzTVsJDnTt3Dvvtt5+1n376naLn02f9CMw3lRN3njl+Yuiwwfqhz4CN
+zJP+4slnwsdXXBU6rr9emPH98LD8ofuFzS85Pww47aQw4NST7Dv7OEYe8lIGLxwb2MImtj0hSO5B
+PvHEE+GTTz4xIeATL/OGG24II0eONE+HwcigxFtgsCMWeAo+wLHJQOHi4njcC/X62Mcx8pCXsrSB
+gURim/1Jb55tr598lPE28N2Tl2Uf7aOc22Sbi56HTr///e/D4YcfbqsEfBCTl35vtdVWgVtpvvNC
+rB9//HHz+PDy6IO3G5u0AybJhL14X+PH45zoVzz5McTqyy+/DH/4wx+srdz+O6d4/gXhO31ktQYP
+BIk5M26ef/758M9//jOst956ds4RGO5Q8Prc82UfPMhDXrxtymIDW9iM8+MY4xk7zz77bLj22mtt
+UiDG/dprr4W//e1v4YMPPjB7n0UroThHPl7dC6Y+OGPLE9/ZxzFPbDMJXHnllXbNMIHGrxsmV+66
+GIuMl/peNz7WfLzTFvaR+GSbcc2qF1a7nHnmmTYBMnbom+f1duuz7gSqXqFReVZtTBv0WVj2rNPt
+geDoIUPDp/+5LXSIYnbThn0X1jr9hNB7g/VCdHYqf5zSssMioVMUe263xOLhrb9eZnkps+Rqq4RO
+vXpGKz82CR+cd2Fot/batk6aZjLgGNDM8uuss44NbAYdgw+BwHtbfvnlTZyIFzJIhg2L4t/R7Exa
+eeWVbZAzEF248FJIDBo8Py4yEja5OHydK/YYtDwswt5KK61k7aEtgwYNMk+Ji482MtgQQ7wSLqpx
+48bZxYFd2ke4gnq4xaNsnz59Ko+vtdZaZoML1BN2Xdj9oqMt9AOvjba999579nCKdiMG9BUeQ4cO
+tQdVeNqwInG7zYu+YY8ylMceCXskhANO5HFOeIQsLeOWmHbxSrY1LhZmaAF7gzVL6U4++WQ7h4yh
+22+/Pay22mrGKO5lxrsGJ47BkbyEQhgnMGPlx8UXXxw4vwg6CU6MZ14whyXpmWeeCaeeemo48cQT
+wxtvvBH++9//hlVWWcXEi20S3vhSSy1lMXDO3QorrFDpZDC2cFh8H21ivJAYF4xzJgTay10WDz+x
+t8UWW9h1xXioz3VDPYz7+HiPVnxZu2gTAsy4YbIjIcb0eUEfL9aZHL3NJ9Bz58wOTVq0D4v172cn
+/YcPPrSY86wpU8Pyhx9g4jwnOhlzows+ylDRlWhQIuwI98SDR4RPr785zBk5LlC2c+9etiwPm8lf
+GzKoEA4GNbeg22+/fSUavJZjjjkm/PnPfw7nnHOO7d9hhx3CCSecEPAQbrnlFosTIojDhw838Trt
+tNMsLPLmm2/aRbj66qtbOQQJgWMbQcabQfC32WYbG8h4rQwwBHiXXXaxmCQeEoN0xx13tIsU8cUO
+Nv7617/ahclFyz6WYGFv3333NYE744wzbA3tfffdZ23EE+XCpk9c8O5ZJD+pj8H/r3/9K1xzzTXW
+9kMPPTRcf/31YZ999jFvlvLwGjhwoE1kXCAPP/ywiQWTBO3hIkVUuPX9v//7P7tgl1xySRP9r776
+KsAJz+7JJ58M//vf/ypjsgiBtxXvzEW+8qQsgF8QUCZs4uiMN7xNGOAUwJp91SXKI3LcwVC2Z8+e
+ZstDTvGy2EKgsOvCfdRRR4Vzzz3XHAQmW0SOCRYv2s/DU089FbiLZDxuuummVg/CyPjAMRgQxcAJ
+iXFH6c4I9TJeGPtbbrllZTMeeuihsPXWW4ftttvO7BAiS143lOEhKA4Kd0fJ64Y2Is4+ti+66CJz
+ABi/THiU5XpgDJ1//vl2N0HMnnGp1LAEqgg0IQl+Idh6hb6hTaeOYWY00MYMHhIaL9EpNIlmx26r
+r1bhOUeiSt7KFA1MW+/cvHnotsZq4Yvb7g6zojKUxQa2sDkr+t4kyhMXagY0A5sBQdp1113NY0D8
+CAUQ+yOxzGmnnXYyccbDJpaLWOOFMGDuvfdee0CBsFJu5513tgc8lL3ttttskHIMj5dYGYOQi/SI
+I44Ip5xySvj3v/9tn0wGfD/++OPD5ptvHhicL774Ythrr73sFu64446r9BIQz0svvdS8KS7E8847
+zy4+vKEXXnjBBBkPaoMNNrD9tB+PlaVbJA+38EmCAy8Xbva5R8LFSNp9993NG6MMInDYYYeZmHOR
+UZaJi74jAt7X3/3udybWLBMjftor+lEGIkL7mQh4cIb38/TTT9stPD/QSLbVKl/A3mCHA9AzEtVF
+F13U+swPUDgH8IRXTYk85KUMYgY3VnnAENt4s35usMV3RIx8JCZznqkwsTNpcpyxjqccPw//+Mc/
+TKTJ/9hjj9mETHnG9SabbBL2339/cyA4p+6d+7VDPk/UzfihHsSZUCHXFE5N/LrBiaF+xgPrwEtd
+N6x2Oemkk2wMMjFw3XAngEOAI8PYZwJhMqG/tCvOwtukz/oTiKlsZITBOHVaaNGls/0IZXY0AKeN
+Gx+t1ogu9uWWMaE1cS01sKN9HGsTDd52yy5jZSjLWml+0NJisc5mmzqiEVTZYj+hPqB5eMMtGQ90
+GBTcyuN5IDqvvPKKhQF+85vfmKeMiOIFMJBYEkV8F3Fk8JEfT2K33XYLe+65pw1+jjGouF1k4J51
+1ll2gW288cbWHurh4uHWlTQg8lzwlKiXRD0s09p2220rRZDbVxIPADt16mQDlH3cUl9xxRUWk2OC
+oE486rgHhHhjG2EkcWFx0TH5kJf4M6sG6A9eP+mQQw6xOvDaEQ3CHggtibsE2DzyyCPG4fLLLzcu
+TB4w/fvf/26ePBMYYo0XxzESt+xMSEyMxBMRBtq6ICfElXHFAyzucLjDYCkdk5uPu9r0j7yU4dxj
+gzGCTQ8r+YTKJ3dh5MfrZjJgH04GIshYItR22WWXhZ7RpBE/D0yi/CCGux4mdE+MRR444mEj6kz8
+jBsSHit3Bw888IC9GEuEX5ikyY9TgTj7dcM2D965bvCiEd9S1w1lmNAYx9xxUsb3/elPf7K6zz77
+bGOADa41QoGMF3nRhqfB3qp40A1itWanpEo1DHwGPQ9jGLx4JOwjrspARFS4hWPG5oLAw8UbwMvj
+IiFxK47nsHYU4+Y2FKE58sgjK70GBg3izK0eA4tbN275KYd3QxyPtOyyy9rDFuomMXipB6Hl9o6l
+Vgimx3/xdghHXHDBBXYR0A+EFWEk4flgHwFF9PDU99hjD+sjbf/Pf/5jXgdCwndiegg0ng0CSp8Q
+A9qPt4Yoc4HwQAg7eCyjR4+2uLcvHcOrpv3wIi93GLSbOwZilmzjwTMJ8OALZtwVMDkhDgcffLC1
+lYuTiW1BF2k7Eb/QG+cRXowrJnc+OW+EjRgTTBKcJ84F54GQBZ6xnwfuCPFOET3CZZxLPFQmeMJ9
+OBuMBcY/55/vXCuMUxLfGT/sJ+HZMg5ox8AoJIaXHL9uaJtfN4wprpujjz7aHlTjvCDShLpoI2OD
+PDgaxNiZcAjNeCju6quvtvGu8WLoG+ytqkDjwbVqGaaPHBX4+TY/5+YBYONF24cJg74MkyMPgu1o
+BJi3XaUVUVnCHpNHjwkTBw22tdHk5VeG00ZNCPy9Dv6oknnP0UD2hLfBwGbw4OUhSAwoBIv4Mx4E
+A4EQBzFqBhhCxsD1B4YIH7dvDGrWreJVM2Dc88UG3iWeBZ4ut5CENkgMOkIdiBTeCGEKhI0BTdwY
+D5XEAzzqJdbG7Srt5jtt5aGMe8FcJJ64HeUiISGaPKzy20Ds8fIBzW0zHLgo//KXv1j7KYdgMglw
+C0zYgYv3qquusgsLcWaiYWKAB7erXDyUgR8XMuzwuvHWqBuBYBKhLl7uEeLdlWqre4e0ZUFLtB1P
+Fk5+h4PoMNFztwPrmhI2ED3KcI5wIBirrFzgXHMcjp4YI+SBJcKGt8w45hkL45FxlzwP2Oc8ENMl
+VIU3zd0fY4sX+/iRDOOMNvt5Yuww1j0MSBvuvPNOC3sRs8axuPnmmy0eTZnkdcMknLxurrvuOhNj
+HBrEm7tS+sd459pkUmFS5xh1kxBrd2psh94ajECVEAchCv4q3ZRPvzKh5efbHfv0CnOGjw6zp0wL
+373zXhRkiwZkk4oVHAxOeyGy0b7oLFoeHihShrLYQLSnfDLYbMfjz/SCAciA5ddcCBBPnxFiBjW3
+azzAQ4AR3kcffdQe2vE0Pb70C1HiYR5eBTM6Awqh5ZYOQWLJE+EAvF/qQcB4mk4ifED9xNe4hUX8
+EF7CGFzMrDUlcVFy4WEb4SMvt7PsI96LDRI8PHF7TR4SA5rEhUgZbld5mo/3zgsPHQ+L8ggBiQdG
+/4mElltc4uwkBJpJCh54xIQzsIcAwYuJCe+bhzdMPkxMMMHrRwiYnIhjwwfPDm7E2akXO6R4W+Pi
+YwcXoDdEBRFjrBDaQKzhyPmFRfxcVdct8lKGOxtscO6xiW3qiCcEFH4IMuMVcSUfY5DEWIEp54Hx
+ymTMeWDce+iC0BNOA3eVLM0kUZ4HnYwV9pOww4tJmrs1ko9r+sm5Z5wwRrh7TF433JElr5uBkWNC
+rJwxjofNHSshEa5HHj4zcSDMsPOxzdhHuGvL0xqqt1oRqCLQlGjUOPrzi9PGh5+iP3wE8CVXXTn6
+mxpdQ8vuS4ZBN90ehrz6WmjcqEloGg06fsLNiwd/jaNyQ159PQz6z+1R3qVCs25drSw2sDV7ejQw
+o4GeTAww8jDwSYQziMEhrJ6YnREPPBA8AzxlBBexI/GQiyfzeLGsoOC2DO+VgYvQIrJ4JQgRT8oR
+W/c6iN+xzQWBaJKoh8HLAORCIhEP5sLjYuKi4QEMt4MkPFe8Hy7W+CAlZMOFgtfEigkmIPIx8EkD
+BgywevkkeXnElsStL7eaePJ+oeLpEjZ56aWXLA+3yyQubmKBTEDElYlZczHhOXFh0jdEBu/n+Wjl
+B7F4RIaJiYSAsyKGPtFWJkna6owt0wL4xjmDATFSzg3hAPrpt/c1dYny5KUMZbGBLWxyLJlc+Pkk
+EcvH+yU0wDjBw+U8MN78PHCXxl2OT/LEjxk3eKassiERB6YMLx8v7GfMMIETmyZxJ0i7eLBNe7HJ
+eEb0a7puPIzHuKHd9GGz6Ic9iD53cLSJ8cExYtgcI2EbZ4JreEEfL9ahHL1VjKJYg1iN0XLZ5cLQ
+514ME6NZkb+tsVz08+1xb0drlHt0C29eeGn44N77w6ivh4TpkbDxGh19/+Ce+8Obf700tOzZLcr7
+dvRjlv2tLDawhU1b6RGvKxrsJDwMH5x4ncze3FLywmvgwSGiRByPMAGxX7xNQhIkBjFiQh48F2LC
+LANiyRHCyuyOR8kxwiJMCtgkxIDwUY6EIJIefPBBu5XEU8IGg4/wCBcYng6TBIOSC4V9rENFOOmH
+e6FcSDx4I2xDu4mNc7vLLaVfvFz43EH4oKZdDHImHMSTskw41IVnT0KYmXR4AEUeLhomkoMPPjhw
+e0pfmYi486Cv1EV/SExcMCMPx5mc8LrxmFgKBgfEhLZyQcbbagYWwDc8Wp4twI3YO2ECliwyYcEN
+PvFJ1bvIPo6Rh7yUoSw2ED9sJkMklOEVHwc4BEyynAPuXPCYuXthvOCJch4Yi3jA3Bkh5ITzCMtw
+HXBOmWAJT3jIw2PM1OWrSxB5hJqxypgljIXDgiPB+GOcJ68bJoLkdcNYY7LHMaFdeN6Uxdng+Q3X
+I4mH7ITVEGrGCw8RGb8+/vmulJ7A/D/1jmbkpm1bhwmvvR6aRwOy63L9w6Ldlw6zo59sfxMJc5v+
+/cKPz71sovvjoM/D0JdfC4NuuyeMfOOd0KLbEmHsG2+GFY47Oqy48472l+wGPf5kGHbL7aFVn97R
+2unI45134vwCQJgZ0KzB5UVYgWOcYC4AhBixRVzxivEYmMHx8rhY8Eb44QHrVHnwxkXFjy1YRcFA
+ZtCzbI7bfmwhejx4RPAY+HhC1MUA5wENXjdCxT48DzxL2sR+BA4xZVBzq8rFQ8iBi4q6EFzqpk3E
+OBFIJg++49Vwq/l85L0irvSVi9S9ZhiQhwuRQc+LBzPcJvNwiNSzZ08TTtqDkGMDr4e24NVhmwnD
++0qfmBTIwy/gWKFB2IMQCtwJ73BnwYVP+7kosU07qBd7tBUGCPv/t3cmQFpVVx4/LCoNNPvWbAJK
+WAV0ABHBIEhSkSRGxolJWRqFEU3QWJNK1DhxRK24JGPKiktM1SRWxZpEJ7FcaibgFmM0ImFYHIMR
+BG3WZmm62UEBM/d3Pk77+vFtvdB83/vO7fr6vXe3d+//nvd/5567PNql2Bz4YjtlYJgXMoO19MgY
+OIWAwMqImjZHfsAGokH+IFAG6Hgp4o/cgSMvRmSBNLh08my4IZcM9JndmxcoRAjW1g7YelEIiMsK
+UsYMkFV6OpAibWSOOlE26gWRQ/TICzKArCOT9JS4B+XnuSF+Ps8N5kSeK0wp3BuZRl5QnFj2Trkw
+sVAf7PCEYT6CsOnFQuTILfgWo7wYxoVyzL5ZUuXG1GZJYQHKoUACq19KbZZ0ePN2adO7mxytZbOk
+YLPsGjZH2VYjp/bvJSOuvkKGsVlSEIoP/rw4tVnS4AGpuc9pHnAE3EwL2JKjQk/eNDLkhfAiAHFH
+Fx+yIgzBMgdp4k/+CDddf3MILAIIGfJwIlAIOJok94OgeLhIS5kQUs6Jy+h71KEpU2a0fR4ISIDu
+KGmIjxaEf9xF62r35GWSro6UizJBohAIxGwO4iQdhMGLgzpF68qDAhb484KirvzMsRoSnMgX00qu
+slq6YjrSdtSPF6ZtloRZixcQL3cw5wVsA7y0JdooZg1suGil9CYgeXpnELy9WOM4cK+oPCMHkDD+
+yBSOlyUvPu5hDnmE7FAKFgQ7MAoGYyZo3BAiZTKHvJCn5Wf+dkQmkXniQJ7pZMqeGxQbiNYcsgIO
+yDRyEZd3k1vCIH9wiDoGF838SJ3dNQ2B9AQd8sRezF7QR6prdbvRQeeGZcvBb2fYbnTLyv+TnWvr
+bzfa/cwhanNmyTcDgZVLlspbd4ftRrt3Te0JHWvIaLHRBCAfhCpdoxpJQ9SEow3gxzmCyzlkSDjn
+ON745IlDUBEoHGkQPsI5t7zRmCAxcwgp94mXCX/IEke43R8CoB52X8ubfCkb18THIdR2f/UI/ygH
++ZI/cc1ZXNLiz32MUElDXagf+REnV12z4ZRvWa1sxXQEN+SBHhMaJkSDHyYAuugQJkoADqLkhYcN
+F7MGbUAPDvMPvR4wjhNTFIu4PNNOJh8me7ShySvtipyhMaPlQuCYUTB7oAmThjyijmtry6g/dUQW
+cMThHg15bigH9zMZNHknL34m75xTB2QGRxrkl/SUwdJroP9rNAIZCTq0RmrD/gD8YTZI+uYcYeOj
+8mB3gj8OhwUtR0IYrm1opFPC9LyQRO3WumH/o78MGnUfaR3CMu1i1+hSe0JHoIEIQCgQK0SCSeDq
+YLOHCOl1QCaQGtouDkKD/HD0yrBfYxemZwQhnQgCogy8IHh5cI8FQYvG3AEJnoj7aeX8X8EjkJmg
+KTokHd6KMLJ+8mrK+TLowgt0n44OPbrJqaHLjGM70v3VNTpbgwHBXW/82T95pcj4v0JCAJJGy4MM
+MQ8wWwiSxsaL1owJCIepB7JkcAxybqlPXlE2M1tg1qKc1nMqJBy9LC2HQHaCtnIEQWkdFpywZSg7
+3dV9NLbXsZV828NHY8PcaabntRsePhrb2T8aa9D5sfAQgPjQUrFDRz8ai8aKwyZbGQZYMYcwqIj9
+OZ2ZoblrxguElwTmEF4SXLsrbQTyI2gwQpsOXUQ0ana8Y1Ml9u3AsfqQBS6tWoewYAd1k4bC4v8K
+GAEzeaC1oqVi3rCBOOyumDksrCVNDEbKvETcOQJt84YgCIySbxBmHItT2hyz00Hefz8SiFmOLZ11
+4cobVo94chAw8wHkjEOjhpRxkCT+FtaSZNmS99LK+r+CRiB/go5VI75kOxbsl45AUSGQbVZGUVXE
+C5soBI5bSZio2nllHAFHwBEoYgScoIu48bzojoAjkGwEnKCT3b5eO0fAEShiBJygi7jxvOiOgCOQ
+bAScoJPdvl47R8ARKGIEnKCLuPG86I6AI5BsBNJMs2MDofobzycbAq9dMSLAfOFWrdAv8lttx9xm
+n2NcjC2d/DJnk83jCProJ0ekbZu2+gvLT7Kgw0qnbOHxpLni5wqP58d1PE1zX6e7Z0P98ikTeUax
+jKbhHNfYcNLG84jmHw3nvNBdINrwd+Ro2Gkx/NqE1avZnAk/y6fdOQKFiACKA3JqshotY4Sg+TDk
+EenapZt+KSGX4Ecz8XNHoKUROBq2G+DLMLt21ShJR19fVhYEnhWCtt2r+fvRESg0BJDV+FavlLGO
+oDFrtAmaM5+xKWuX2gvZu4SF1oxeHhBAmFmW3atnr7Dh0R7dmzmdrOIHObOnBmncOQKFigA9PGSV
+fV+iLkLQYSvG0F3kxx4ELtBRmPy8kBBANpFRiNc2NIoTNHEQevxdlgup9bws6RBARpFVfmw7YPJc
+R9AkMkG2wHQZuZ8jcLIRMEGmHCaz8TK5DMcR8etiQSAqu/VHTmwsqVhq4uV0BOoGQB0KRyB5CNQn
+6OTVz2vkCDgCjkDRIuAEXbRN5wV3BByBpCPgBJ30Fvb6OQKOQNEi4ARdtE3nBXcEHIGkI+AEnfQW
+9vo5Ao5A0SLgBN1MTWfTvWyKjF03Nfvmyqep5fD0joAj0PII1JsH3fK3L447tm7TWlqHjXniq3yi
+pWdlG2RKnLZ8/TxMOD98+HA0St054bh4fqRh4YU5I3viOVEbKn5sLgSQL5MrkzW7jt4jU1g0fTy+
+5WNpo+GcW3jc36/rI+AEXR+P464QsOod1bJ/337p26+vkm9cuFixtnHjJjmw/4B06lwue3bvlfYd
+2kvfvhW6KiiaKWk3rN8QvFpJRd8+SuT48RI4sP+g7Ni+I6ySOxLI/Yh8cvQTKQ/59e/fT1fFsXou
+k8BH7+HnjkAuBJA59n5AnpBfZIujKRrR9MTD2VfPOUdpIA1+UZkk348//ljzQhHhPP5BXuIQZooK
++blLj4ATdHpc1BeBra6ulm/fdKMMHDBQfvGLX0hl5Xrp0KFDndAhnDU1tXL55f8k0y6cJp07dw4b
++OySP732J3nmmWelW7duqi0QD42a9fb3/ei+4PeJPPzQI+rXvn2ZVG3ZKrO+eLHMuGiGCjzCu3fP
+XlmxcqU898xzUhbi8DA4SWdpMA/KCwEIEnk844wzVD7ptUHCVVVVsmPHjjriJB7PwKhRo1SG161b
+Vyf3Z555ppSVlcmHH34o+/fv1zTIZrt27WTEiBFKzBs2bJChQ4fqhlVG4uTJ/bjPpk2bNAw/d+kR
+cBt0elzUt1XrQL47a2XkyJEyavQo6dSpk3x06CMVWiJAolVbquRb86+XedfNk4EDB8qhQ4fk9NNP
+l2vnXSvf/Nb1sm3b9hCvjcaFyCdMnCDnnjtRJk2aJBMmjA/51yjxVlfvDJpyf70X+ZSXl8uIkSNk
+7tw5cufdC/SBQmvhgXHnCDQFAQhx2LBhMmTIEJVLtFzkDTnv27evKg3IGfLWpUsX6dOnj1RUVOg5
+JIw/so9/9+7d9drid+3aVeOyiyBxe/ToIfihXKCcQOAcCXdizt2K/rRnwyi82BHEjz76WGMdDSYH
+SBuH/86dO2XqBVNk1qxZqhHM/9YNMvsrl8m3b7xJt8L80pe+JFOmTJad1WFLzKA1fBy0lKlTpqgW
+gnBOvWBqIPSPgqCm8vv4cOo+L730skyZPE2um3e9vPnmYjn77LNl7j/PlY0bNul9tQD+zxFoIAJo
+sUa6PXv21N7h4sWLZdmyZfL2228rYaIcINtmlmB3S9JAtqRBbiFjtG2InR4ism0b/HBNT5Fw4vLb
+u3evLF26VO/Dvf7yl78I2rWTdO4GdILOgVFKIFOkHOQ7jG6kEiDsu2p3y+TJk9XjxRdflLfeXCIT
+z52gR65x500+T00eBw8elNFnjZaRo0bKqlWr5N1339Wu46jRI7WLiJCzET0Ojbt//woV7J888BM9
+onUPGny6HDhwwLVoRcn/NRUBZA6SRJb37Nkjq1evDmMpG5VwIeT27dur9ovJrra2Vs/xIz6ki2mj
+Y8eO+oOsMf3Ry0RGSQPRExdHzxIzCj8I3PybWoekp3eCbmgLp+RNNQMEvE/o+uE2bNgog88YrMI3
+8PQBsnnTZvWnG0i3bsvmKpk+40Lt6qEVL3lriXb1ZsyYrtr2aaeFWSCaguHDMLoeztFYdoQBym3b
+tqngDx48SAci3cxxDCg/NAgBlA1IE/LEBozpYeLEiWruwFQBOa9fv17zRGtG/jBN8GEExmIwTWCy
+MDMHPUgIHq0ZBYQjcWpqapSITbPGb+zYsTJ69GgZM2aM2qUhaMrjLjsCTtDZ8akXquJ0TKZMuE45
+5diUuaAVMPD3Cb+wnysCjuOBQGsoK2snEydMlH379skv/+NxeeKJ/1RNY2LQjBHgQyGOaRV8auzo
+kaP6IBylexnOcaeGeOTvzhFoCgLI2Zo1a6SyslKzYewD4jznnHPUFg0BQ66QMZrvli1b9Mc5pE16
+wiFt5ByiR2ngSFqI25QInhMjccL5MZDuLj8EfBZHfjhprDZBCNsGQkY4sUYwNQ7NAVcWun54ntI2
+dBmDnbpdGOHGQc7vLHtPbv63f5H+A/oH4a2Rf739Ng1D4LH5YSa5945/D3OtU+o5D8Bp7U5TcoeU
+TwsaOIJOt5LvRbpzBJqCALKEXL7//vuqNUOYDA727t1byXf58uVKxJgvkFFme+AgX/yIj0kEeeTI
+ACPEzRGzBxo6pIyiAlHjh41bn5uQD/fnZwqJZu7/0iLgGnRaWNJ7YlvbWrVNBbC2ZpfO8LAu4fDh
+w+T3C/9bteJXFr4uTEPCbQymj90f7VASRiA7dSqXL35xlv4QdvywU+87WqOkT5ojYQ70lk1bZPmy
+FcFOPVIGBGKnm7lm9RrpWN5RHxTiuXMEGoIAsob9t1+/fjJ+/HjVkFEwMKFByhAuNmTMGpg8IFTO
+BwwYoD9IFz/IGPKFZDFn4MfMJXqLXKNVR8mXeBC9/Xg5kN5dbgRcHcuBEYKGgOEQ1ClTJ4fBkw6q
+GVRU9JFFC1+QmTNnyhe+8AX52c8ekyVLlsiDj94fZnZcrOaM3/9+oXzly5eGLuRZen3vPfeqOQMj
+M4tZbr31Fhk3bqycPfYfgmCnTBnlgcRnzJyu5Dz7H2frA7Bo4aKwAGaPTnViQCb6AOSoggc7AnUI
+IMtowtiLOUeW+DGdjrESSBSt18wbDGgTHwcRY0eGvDGP4I+ZA8InPvlg24bIo478yN/MHsiu3dfl
+OIrU8edO0MdjUs8HoUIwcfNvmK/EyNsfvxUrVsols2bL2HFPyDe+cZVcf/11MmfONap1oG3/6ldP
+yP88v0juuf8ufSCYXvTbJ5+WMePOCvz8d1n1zt/kkku+rNrMN66+MtiaU3br6dOny7Rp01Sg0TZ+
+97vfyX899Vvp17+fj4DXax2/aAgCEDIaMVPgWGQCsWJ3RuPFH8L94IMPlGwxV2zevFntyYyR4JBF
+zBeYQ9CisU0j52je9AbRnjmHoMnTCJm8mCoKGVMGnp2tW7fqTCbyxs9degRajRs3TtGBdAD2zDOG
+alfFQQsWhyBQdAGZaVERhJJBwFZhTw6Op5xyqlSGVVSvv/7noBnvlcGDB8tFM2cE4WZ+6Q75wx9e
+lXVrPwjadlkYKZ8gw0cMl8Vh9sa6dR+E6UjYqyXY5g4EU8gZauJ4e+XbQbj3yaTzztUl3q2DEO8K
+U5uWLv1f+dvf3tPl3t4t/FSIaRtIYO26teGllVpa/Glo6ow4TP3i6K4+Apg6GLBDk+a5h3zRhnfv
+3l1nT2awD/k3okX+mGZHGmzPxMVBzuQFeUPQELApMRC5KThWAvIjHlP3LG8LK+UjnIu9Psq9TtA5
+JIKHG8FlzjMOwWMQEDtxr149pXuPlK2O2Rlbq7YGLQTturX0DtPryss76DWmiaoQxvQ7NBcjWoST
+B2B95YYwgNhPX4ybg+0ZhzbD8u4eIf/yYHdmbw53nyLgBP0pFo05Az9I2swX5IENmR8vPsLQquME
+iuxinoDUjXjxIz5pzY/8IBr8o4Rj/nYvrt2lEHCCboQkAJrO3GjdRs0S6GJ0OZirjHAfCRsbcY5g
+RoUZoSWc9ISZ4ONnGl08jGsEH/OHunCwfFIe/t8QcII2JBp/NDmM5oAM4giz82h4pjDLK57G/ON5
+cB2Pmy5OKfmBR1yDdht0DglAwHROsqQGSuLRIWccxMsv7khvWgdhUYGNhxGOduLOEWgJBLIRZEPD
+MsXP5N8S9UvCPXyaXRJa0evgCDgCiUTACTqRzeqVcgQcgSQg4ASdhFb0OjgCjkAiEXCCTmSzeqUc
+AUcgCQg4QSehFb0OjoAjkEgE6hP0sdldiaypVyqhCLjQJrRhvVoBgfoEfWzBFVNjfHqMy0ehIhCV
+z+i0xWh5XX6jaPh5MSEQld26edAIOiuImMtr6/IzCX8xVdbLmkwEWPzDnHFkNp2c4mdEzgKiqNAn
+ExGvVTEjgLyyXgI5jcpzHUEjxCzLrNpaJRV9Kuot2SzminvZk4kA5Lw1yCorOdmDOx0B48ceE2zI
+ExX6ZCLitSpmBCBnZDUjQRPAcuTa2pqw6Umtnhdzhb3sSUaAZfZHVJh1aXyQ3XQOUkbpyKRlp0vj
+fo7AyUAA/o2TM+Wo06CtUJg3Pt3/oW5XCAsuqKPtUZb+8WS/jJSz8Ph1vDLpwvHLlj4aHs+P63h4
+c9wjnkeue6SLT9ky1StX/Hi94vEJPxHOltWTNz2+1mF/lE9rkf6Opjkj03aePqb7OgInBwEj5nTy
+eRxBU0SEP7or1ckptt/VEciMAEKdi5yjqdMJfzTczx2Bk4VANtlMS9AUNPUAnKwi+30dAUfAEXAE
+2mZjb4fHEXAEHAFH4OQh0DbdFpknrzh+Z0fAEXAEHAFDoFX4JJCNFZmfHx2BZkfABkLyzTgeP9d1
+vvl6PEegmBCITwAoprJ7WR0BR8ARSDQCbX22RqLb1yvnCDgCRYxA/b04irgiXnRHwBFwBJKGgBN0
+0lrU6+MIOAKJQcAJOjFN6RVxBByBpCHgBJ20FvX6OAKOQGIQcIJTkiTSAAALNElEQVROTFN6RRwB
+RyBpCDhBJ61FvT6OgCOQGAScoBPTlF4RR8ARSBoCTtBJa1GvjyPgCCQGASfoE9CULEu2z9ecgOw9
+S0fAESgRBDJuN1oi9W/2arL5VPv27aVr165y4MCB8HWaXbq/drPfyDNUBOxlyAUfm8DxFRX82dfc
+d2tUSE7oP7Dm1xBHu3jb5EasVVjq3TBkc+dZkjFMQPv27Svbt2/XD5oCRKdOnWTPnj3+AYQTIBX0
+Ujp27KgvQx72gwcPKlGUlZXpw8/Lce/evXpnJ4PmbwB7CSLjvAwb4mg7ngv/0k121Jygs+OTMxQh
+Rch69uypHyfdtGmTppkzZ46sXLlSli9friS9b98+1xhyoplfBHop7dq1U8w3btyYNdGAAQOkpqZG
+9u/f7y/JrEg1LBC5Zx+fLl26yI4dOxqW+FjsHj16KEn7NyMzw+cEnRmbnCEQRXl5uXTv3l0qKys1
+/ty5c+XKK6+UYcOGyerVq2XatGnqH7Z1lUOHDum5/2s8AmCO+YiX4u7du4WHfN68efKZz3xG6L2g
+yVVVVcnatWvlqaeekvfee08/gAyRVFdXO0k3Hvq6lJAzH5jmy+q4yZMnqxJiREt4vMdifpYW7fnN
+N9/U9JimLK16+L86BJyg66DI7wTBQ5gQqj59+siGDRs04fjx4+V73/uenH/++drt5hPqaG3z58+X
+hQsXKpHs3LmzwV3B/EpVGrEgZwgZosXdd9998rnPfU4GDhwo0a97Wxtt3rxZXn31Vbnppps0fu/e
+vWXbtm1O0opG4/+BL2YNeiaPPPKItgGE3RDHM/Tiiy/q89GtWzfVpCFvd/URaBiq9dOW3BUCBEmg
+qXE0cv7pT38qM2fOlH79+qnQvvLKK3LOOecoPsRz13QEwBHN2cj5mWeekQsuuEAzXrdunfz1r3/V
+rjZtRI9m1KhRMnToULnqqqtk+PDhcskllyg5G8H7NruNaxPw7dy5s8o5mvPnP/95NXOgEce15kx3
+IA96NKSdMmWKvPHGGwJJM2aQbx6Z8k6avxN0ni0KQfDgMyi1fv16TXXLLbfIpZdequYMwpcuXSo/
+//nPZcmSJaq5IWx0xd01HQFszobls88+q6YjyBqipueSzt15551y+eWXy6RJk+S5555TQkDrw9zE
+gKKTQTrUsvtBrjYgCI6cQ84LFiyQNWvWKPGmM1eQDi0bEsYcRXxekuSBIx/ieJvUx98Juj4ex11B
+vEyb69Wrl9qZMVN87Wtfk6uvvlq1ZEwdaHAQwF133aXpL7744jpBc4E7DtIGe/DgMgjLgOC9994r
+U6dOVU36hz/8oTz++OP6kKOBRR3mpTvuuENWrFgh99xzj0ycOFEefvhhueGGG1Rbw/zhrmkI8MI0
++Yac33rrrbwztHQ8X+4yI+AEnRkb1dgwW6CpMQg4cuRI+e53vysXXnihatPYM//4xz/K97//fY3D
+jAFIxAZPyBpycdc0BHhBgitaFjZnHu7nn39eyZk2oUfD7Bl76LkbNmnMHGjbZ511ltx4440yffp0
+fakyswZzCYOM0TRNK2XppQY703oxWeAYD+DlGMeVeGjLmAUxkZiLxzN/P6YQcILOIAloBzzEpmnd
+f//9MmvWLIGEmTL38ssvy6OPPqpHskAwGRjEudApDM3yDw2LdgDz73znO4rzhx9+qOcQNsTNgiDO
+o47FKu+//75q3nfffbeOEYwePVpNUhA0JFFbW+sDhlHQGngeVT4wa+AgZxsMt3CeBzNPEce1ZlDI
+zzlBp8EJwaLLjKAxn/maa66RESNG6MP8zjvvyK9//WslZ5IOGjRI7WpoBgxAuWt+BGxAj0E/TErv
+vvuu3oTeDZpznJwJhBQgDRat4Gi3sWPH6oAh14SlS0eYu/wQAGNTRqJHcI2GkZv5cW5xOTcS59zd
+8Qg4Qccw4U2PvRnzxde//nW57bbbVINjbu1vfvMbwe6JYyYHDzmmD4TPH/YYkM10CTmbyYhBWh5o
+2sZc9GE3v+jRCMBWFJIHjjnpDFq5NhdFq3nOwTzeLtYO8TvE48XDS/26fr+w1NGI1R/hsR8CFu2m
+uWDFwGrBy0wPe64iNDZdrnxLKRy5Nxx5HuzcjvlgQVyLb8d80pViHCfoWKujCbN0FXMFpowf//jH
+uhqtoqJCp3O9/vrrct1116ltmj03BgUTB6sJo+Qdy9Ivm4AAGi5mDRwmJwiCBULmcj3g9iKljTgn
+DxzT9sxuann5MTcC4G2Y2pFUmc4tx2h4rjazNH4MpiEH4XgEECYeZOzQjz32mC5lZTrXli1bZMyY
+MXL77bfL008/rbMCMHEwG4BBQrOVRnOMCmbU38/zR8DMEAz6Ye5g5gaO9mBeerqXIySACYP5zjhm
+cpAPS79xhKVLp4H+Ly8EorJtpMvRNGuO0XOLQzpLa8e8bliCkZygMzQ6mjSj/AxE8TCzGOKrX/2q
+LozgQWflIItS+Nn0IdP0TBDJOnqe4VbunQUBXnq0A+7BBx/UaVqDBw+WBx54QAmXWTVMwzMiAG9+
+TLNjUJHe0A9+8AMdHNy6dau2H3nxUvVxA5BomIsSKpib4xnB8Sxg50e54Rg9t0Up6RQZy8eP9RFw
+gq6PR70rHmCm2UG8kAKzB1igwrznxYsX61QtVqq99tprSgJM+cIZUXMeFWiu3TUcAabRQcSYJF56
+6SUlYJZu0xa0CRgTzsvUfpDBqlWrdIk3g70QNvtyMMWuf//+Pge64c2QNQUrBHHMZqL3ydqB6A8/
+2xqBF64pLnbMmnkJB/osjhyNz9ueEX/m3qIN8OBjm+bHUu/Zs2fr0lU25GEBCxp1dEWVC2AOgPMI
+hoDRhJm7fOutt+qUx89+9rP6UsTccfPNN+s86XhWCxYs0KXekDZtwsZV1jOKx/Xr/BCIyrNpzfix
+fBvHghVepLSZxbVz4ttSb7uba9OGRPqjE3R6XOr5ImDW1WYvB5tix+IVfg899JBcdNFFMmHCBBky
+ZIgsW7ZM0yOgpHXXdAR4SdqcZrRnltaz0Q7bu0LW6TZLgjQgBXo7l112mRaCrjeanRND49oEeTbT
+BouHOOfFycswX1nnuWDQlj08WNiCI5980zeu5MWZqk3QKBYUZ9FbvtQIEBoY9ktWqqGZcc52omyU
+xMwPTCHsnkY8NIlFixbpijbspL5BT+PbDDwxdYAxxyeffFJ7NFwPCjNpGARky1dekqwYhIiZuw6R
+X3HFFTq4yHajaOJOzo1vB54BBmpZ3cn+G7wEMRk1BFPy4Fl44YUXdBCetoKs3R2PgO8HfTwmefsw
+WIgmAElgAsGx6tC2uESA2f+BeJhGnKDzhjZjRLCEHNC4eDmyidK1116rRMELk4ffN+zPCF+zBKAB
+Q8goKbjzzjtPtWgzbWS7CWnp1UDIvmF/NqRSYU7QuTHKGgOBgyzin7yi681OavbJK1ayoQW6azoC
+kLR/8qrpODYlByNpzBuYjBrjUGwg6nyIvTH5JyGNE3QztSICi8M+TTfaNk7yj8Y2E8BpsuHF6B+N
+TQNMC3kh8ygd/tHYEwe4E3QzY4t2h72ZbjgDID7ftpkBjmVnPRi8bXojXW8jD0we7k4sAmDNryGO
+dvG2yY2YE3RujBocwwTWhbDB0HkCR8ARiCDg0+wiYDTXqRNzcyHp+TgCpY2Aj1qVdvt77R0BR6CA
+EXCCLuDG8aI5Ao5AaSPgBF3a7e+1dwQcgQJGwAm6gBvHi+YIOAKljYATdGm3v9feEXAEChgBJ+gC
+bhwvmiPgCJQ2Ak7Qpd3+XntHwBEoYAScoAu4cbxojoAjUNoIOEGXdvt77R0BR6CAEXCCLuDG8aI5
+Ao5AaSPw/y/rbdCkSyETAAAAAElFTkSuQmCC" />
+</div>
+</div>
+<div class="paragraph"><p>Let&#8217;s examine the main portions of the code provided in the sample:</p></div>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">SecureNoteActivity</span> - Main activity UI for entering note text and selecting an algorithm.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">GetPasswordDialog</span> - Dialog to enter a password for saving/loading a note. When saving, requires verification of newly entered password.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">PasswordEncryptor</span> - Abstraction of logic for password-based encryption
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">RSAHardwareEncryptor</span> - Abstraction of logic for hardware-bound key encryption
+</p>
+</li>
+</ul></div>
+<div class="paragraph"><p>Our focus will be to fill in the encryption/decryption pieces of <span class="monospaced">PasswordEncryptor</span> and <span class="monospaced">RSAHardwareEncryptor</span>.</p></div>
+<div class="sect2">
+<h3 id="_symmetric_password_based_encryption">11.1. Symmetric Password-Based Encryption</h3>
+<div class="paragraph"><p>Let&#8217;s focus on password encryption first. Inside <span class="monospaced">PasswordEncryptor</span>, there are three methods we need to fill in:</p></div>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">generateSecretKey()</span> - Create a new key object from the password material.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
+</p>
+</li>
+</ul></div>
+<div class="paragraph"><p>The hooks for triggering this logic from the user interface are already in place:</p></div>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Implement <span class="monospaced">generateSecretKey()</span>:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Get an instance of a <span class="monospaced">SecretKeyFactory</span> using the "PBKDF2WithHmacSHA1" algorithm
+</p>
+</li>
+<li>
+<p>
+Create a new <span class="monospaced">PBEKeySpec</span> with the supplied password parameters
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Use an iterations count of at least 1000</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Generate a new <span class="monospaced">SecretKey</span> from the factory with <span class="monospaced">generateSecret()</span>
+</p>
+</li>
+<li>
+<p>
+Return a new <span class="monospaced">SecretKeySpec</span> containing the raw key bytes and algorithm:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Get a Cipher instance loaded with the "AES/CBC/PKCS5Padding" algorithm (already defined for your as <span class="monospaced">ENCRYPTION_ALGORITHM</span>)
+</p>
+</li>
+<li>
+<p>
+Use the provided <span class="monospaced">SecureRandom</span> to generate a random salt:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">SALT_LENGTH</span><span class="o">];</span>
+<span class="n">mSecureRandom</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Repeat the same process to create a new initialization vector (<span class="monospaced">iv</span>). The length of the array should be <span class="monospaced">cipher.getBlockSize()</span>.
+</p>
+</li>
+<li>
+<p>
+Initialize the cipher with your key and iv:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Call <span class="monospaced">doFinal()</span> on the cipher to return an encrypted version of the incoming <span class="monospaced">data</span> bytes.
+</p>
+</li>
+<li>
+<p>
+We need the <em>salt</em> and <em>iv</em> again to decrypt the data. Write all three items (Base64-encoded) to supplied <span class="monospaced">OutputStream</span>.
+</p>
+</li>
+<li>
+<p>
+Write the supplied <span class="monospaced">DELIMITER</span> character in between each element so they can easily be split apart later.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">We chose <em>&amp;</em> as the delimiter because it is a character not present in the Base64 encoding alphabet.</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+<span class="monospaced">flush()</span> and <span class="monospaced">close()</span> the <span class="monospaced">OutputStream</span>
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">decryptData()</span> to reverse the process:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Use the supplied <span class="monospaced">readFile()</span> method to stream the encrypted data into memory as a string.
+</p>
+</li>
+<li>
+<p>
+Split the string on <span class="monospaced">DELIMITER</span> to get back the original three fields (salt, iv, encrypted data).
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Don&#8217;t forget to Base64 decode each field after splitting them!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Init a new cipher for decryption using the same algorithm and key:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Return the result of <span class="monospaced">doFinal()</span> to get back the decrypted note.
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Build and deploy the application to your device/emulator.
+</p>
+</li>
+<li>
+<p>
+Select the <em>Password-Based</em> option and type in some note text.
+</p>
+</li>
+<li>
+<p>
+Click <em>Save</em>, and enter a new password. You should see a message saying the save was successful.
+</p>
+</li>
+<li>
+<p>
+Connect to your device&#8217;s shell and view the saved file:
+</p>
+<div class="listingblock">
+<div class="content monospaced">
+<pre>$ adb shell cat /data/data/com.example.android.securenote/files/secure.note
+OlpcR+xyPsaBXtZP2mkZdtxrMGnTnSmqM/r0RzVFJjk=&amp;o0hKRxL3MVw1D1wQFUIV+w==&amp;fOToQqDlEaBhgKlnCsgbgSUckemI/XBp9TPBY+SPTYWiHvICsmBT42miMCz0wui/pAMQ+OaehUAN3DayPKEoWw==</pre>
+</div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">This can only be done on an emulator or rooted device. Production devices have this directory protected!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Looks pretty encrypted! Click <em>Load</em>, and enter the same password. You should see the note text displayed below the entry field.
+</p>
+</li>
+</ol></div>
+</div>
+<div class="sect2">
+<h3 id="_using_a_hardware_bound_rsa_key">11.2. Using a Hardware-Bound RSA Key</h3>
+<div class="paragraph"><p>Now let&#8217;s try this using a private key that is tucked away in a non-exportable block of the hardware. The <span class="monospaced">RSAHardwareEncryptor</span> has four methods you will need to implement:</p></div>
+<div class="ulist"><ul>
+<li>
+<p>
+<span class="monospaced">retrievePublicKey()</span> - Get the public (encryption) key from storage.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">retrievePrivateKey()</span> - Get the private (decryption) key from the keystore.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
+</p>
+</li>
+<li>
+<p>
+<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
+</p>
+</li>
+</ul></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">Hardware-backed key storage is only available on Android 4.3+</td>
+</tr></table>
+</div>
+<div class="paragraph"><p>The hooks for triggering this logic from the user interface are already in place:</p></div>
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Read through and take a moment to understand the <span class="monospaced">generatePrivateKey()</span> method.
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+This method is responsible for creating the public/private key pair and persisting them both.
+</p>
+</li>
+<li>
+<p>
+The public key is stored to <span class="monospaced">SharedPreferences</span>.
+</p>
+</li>
+<li>
+<p>
+The private key is bound to the hardware keystore. It can be referenced later by its <em>alias</em> (<span class="monospaced">KEY_ALIAS</span> in this case).
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">retrievePublicKey()</span> to create the encryption key:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Retrieve the encoded key string from <span class="monospaced">SharedPreferences</span>.
+</p>
+</li>
+<li>
+<p>
+Decode the string with <span class="monospaced">Base64.decode()</span> into raw bytes.
+</p>
+</li>
+<li>
+<p>
+Use a <span class="monospaced">KeyFactory</span> to return a <span class="monospaced">PublicKey</span> objeect from the bytes:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="n">KeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">KEY_ALGORITHM</span><span class="o">)</span>
+                <span class="o">.</span><span class="na">generatePublic</span><span class="o">(</span><span class="k">new</span> <span class="n">X509EncodedKeySpec</span><span class="o">(</span><span class="n">publicKey</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">retrievePrivateKey()</span> to get the decryption key from hardware:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Get a <span class="monospaced">KeyStore</span> instance of the "AndroidKeyStore".
+</p>
+</li>
+<li>
+<p>
+Load the <span class="monospaced">KeyStore</span> with <span class="monospaced">null</span> as the <span class="monospaced">InputStream</span> parameter to initialize it.
+</p>
+</li>
+<li>
+<p>
+Get the <span class="monospaced">KeyStore.Entry</span> associated with our <span class="monospaced">KEY_ALIAS</span> from the <span class="monospaced">KeyStore</span>.
+</p>
+</li>
+<li>
+<p>
+Return the <span class="monospaced">PrivateKey</span> from the entry with <span class="monospaced">getPrivateKey()</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
+</pre></div></div></div>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Retrieve an instance of the <em>public</em> key.
+</p>
+</li>
+<li>
+<p>
+Initialize a new cipher in encrypt mode with the "RSA/ECB/PKCS1Padding" algorithm.
+</p>
+</li>
+<li>
+<p>
+Wrap the supplied <span class="monospaced">OutputStream</span> in a <span class="monospaced">Base64OutputStream</span> to encode all characters before file writing.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Add the <span class="monospaced">Base64.NO_WRAP</span> flag to the stream to avoid reading conflicts.</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Wrap the encoding stream from the previous step in a <span class="monospaced">CipherOutputStream</span> to apply our cipher to all bytes written.
+</p>
+</li>
+<li>
+<p>
+Write the incoming data to our wrapped <span class="monospaced">OutputStream</span>, <span class="monospaced">flush()</span> and <span class="monospaced">close()</span>.
+</p>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">decryptData()</span> to reverse the process:
+</p>
+<div class="olist loweralpha"><ol class="loweralpha">
+<li>
+<p>
+Retrieve an instance of the <em>private</em> key.
+</p>
+</li>
+<li>
+<p>
+Initialize a new cipher in decrypt mode with the key and the same RSA algorithm.
+</p>
+</li>
+<li>
+<p>
+Wrap the provided <span class="monospaced">InputStream</span> in a <span class="monospaced">Base64InputStream</span> to decode the file bytes.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">Don&#8217;t forget the <span class="monospaced">Base64.NO_WRAP</span> flag again!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Wrap the decoder stream in a <span class="monospaced">CipherInputStream</span> to apply decryption to the incoming data.
+</p>
+</li>
+<li>
+<p>
+Use the supplied <span class="monospaced">readFile()</span> helper to read data from the incoming stream
+</p>
+</li>
+<li>
+<p>
+Return the decoded data as a <span class="monospaced">byte[]</span>.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">You can use <span class="monospaced">getBytes()</span> to return the bytes of a <span class="monospaced">String</span>.</td>
+</tr></table>
+</div>
+</li>
+</ol></div>
+</li>
+<li>
+<p>
+Run the application again. Type a new secret message to save.
+</p>
+</li>
+<li>
+<p>
+Select the <em>Key-Based</em> option, and click <em>Save</em>.
+</p>
+</li>
+<li>
+<p>
+If the save was successful, you can click <em>Load</em> and see your typed message in the lower box.
+</p>
+</li>
+</ol></div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_review_questions_2">12. Review Questions</h2>
+<div class="sectionbody">
+<div class="olist arabic"><ol class="arabic">
+<li>
+<p>
+Name three of the primary APIs for persisting data in Android.
+</p>
+</li>
+<li>
+<p>
+Why is it a bad idea hard-code secret keys in your application code?
+</p>
+</li>
+<li>
+<p>
+What is the preferred method of generating a unique ID for your application user?
+</p>
+</li>
+<li>
+<p>
+what is the one type of persisted data that cannot be (directly) encrypted?
+</p>
+</li>
+<li>
+<p>
+What is the name of the package that provides encryption for SQLite?
+</p>
+</li>
+<li>
+<p>
+What is the primary advantage of the accounts framework?
+</p>
+</li>
+<li>
+<p>
+Is password-based encryption symmetric or asymmetric? What does that mean?
+</p>
+</li>
+<li>
+<p>
+What is the difference between the system KeyChain and the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+When is it safe to persist an encryption key in the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+How do we check if the device supports this?
+</p>
+</li>
+</ol></div>
+<div class="paragraph"><p></p></div>
+</div>
+</div>
+</div>
+<div id="footnotes"><hr></div>
+<div id="footer">
+<div id="footer-text">
+<style type="text/css">
+td.icon {
+  height: 50px;
+  width: 60px !important;
+}
+.icon.tip {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKZUlEQVRoge2aa3BU5RmAn3Pbs7fsJmwCRGITk0hVLFAtNWoq6pAiU0cKaYfa6ShT+YN4YbQw9F/8QX+UMv6gM3Q6oxMV6TgIbe10Gq2gcSzDpRaFgmIk4SKB3LP3Pff+SM66m+xuFvEyzvSbeefsbva8+z7nvXzf934RHMfhmzzEr9uAqx3/B/i6xzceQP6iFDmT1cBxHNzCkFsgBEHIXnNeC1f7u1cN4DiOY9s2rliWhWVZWRDHcbJGC4KAJElIkoQoioii6IiieFUgnxvAtm3HNdg0Tbq6uuju7ubYsWP09vYyMjKCpmmoqkokEqGhoYGFCxfS2tpKW1sbiqJkRZIkZxLoikGEK50H3CdumiZ9fX3s3LmT3bt3U1V3A0033cKc2nkEQxV4PSqSJOI4Dpquk0gkGLx8kZ4T7zF87iSrV69m3bp1NDY2oqoqHo8HWZa5Uo9cEYBt245lWRiGQUdHB9u2beOe1Y8w/6bFVAT9xJJpYvEUiVSGjG5gmBY4DqIoonoUfF4PoYAfRRE5/8kp3njlD6xfv54tW7YQCATw+XyuR8r2RtkAtm07pmly5MgRHn/8cZSaZpbcfjd+n5f+wVEGRqJkdCMv3vME8t77vB6qQn4+OX6YsXPH2bp1Ky0tLQQCAVRVdb0xI0RZZdQ1ft++fSxbtozrlqzgrnvvI5nRee9UL+f6h9B0A1EQEIsBiOKETL7XdJOBkTg1jYtouu1+1qxZw549e4hGo6TTaUzTxLbtGZ/ujEmca/wvHnqYnz/2DLNn19B74TIDI9HPjCvwlLMls4RHdMNC8IRZ8dBmnnp6E7Zts2rVKgB8Ph+yLDulPFEyhBzHcUzT5PDhwyxbtow1j3YQqanmozOfEk2kChuLQ3x0lGQihmM7qF4vVdWz8fr9hYFyoK30OG/ufpYXXniB1tZWwuEwXq8XWZaLJnZJAMuyHE3TuPPOO2lcsoLGpmZO9ZzPM37q0x0ZuISla2xY2077j5ZSFargZM9Znt97gE8uDBb3ziRIfPAcF4/v59VXX6W6uppQKISqqkiSVBCgaA64odPR0YFS00xjUzNnLlwmmkznxbKYI45jk04mefaZJ3j04VXMqZ6Fx6Pw3QXXs/3Xv6Tp2rnTALL3T8wDBCLz8M2Zz/bt24nFYjPmQ0EAt9b39fWxbds2ltxxD0NjMQbdmC+QlIIgIIkSoWCAH971/Wk6PYrCg/f/oHiVmhSP6qWm/gY6Ozvp6ekhmUyi6zq2bWeXK+UAYFkWO3fu5N72dQT8Pi5cGp6xuoiiiBoMktH0gl5trp87DbqQBEMRbl32U3bt2kUikUDTtOzypGwAwzDYvXs3316wiEuDoxiGWVaZrAjP4qW/vFUQ4NAHPdlwKQWiqF4qa+ro6uoikUiQTqcxDKM8ADd8Xn/9dWZdewMVwSCDo7GicT8NSBTZt/8oT259jgOHThBNpIgmUjy3dz/P7z2Qr2My7gs9FNUXoPpbN9Ld3Z0FKBRG0+YBN3y6u7tpWnAr8WR6+gxLfr03TYNMMolhGFimiWVbXDzbx4G3/4XgOIiyTF3DdW45nHG2RhBQfX6q65o5evQoy5cvn9BtWUiSRG5FLQhg2zbHjh3j+tsfKFrv3R8EGL7UT23NLNraWmi+ro5r5kSYHakiVOHH7/OiyDKxZIonf9NJIpWZMQcEwOPx4vNXcPr0B2QymdxEzrO34ExsWRa9vb3csjzEaP9w1sUFZ1RBQJJk/vjbTdTXzS2kDoBQwI9HmcEDOSJ7PAiiSH9/P7quY5omlmVN01soB3Ach5GREbyqiqabM8a+NxAglcmvPOf7h9jR+WdOfNQLwNtHTzIeT+XFfdGCIAiIogSOQzQaxTRNdy4ozwO2baNpGpIkY1j2RAJTeJ0jCAKRmtmcPHORmkglxz48y/5DJ3jrnUPMb7iGxx7+MZZls/efR0rG/VQPgwMC2eQtZHxRAABVVbM3lEpgV178azcvvfYOgiCgZTJomsbGR9oRBIHzl4YYGo2VlcCuWOaE5xVFwbbtqVHiCJOZXBQgEomg6zqSKOIUMrqER+LRKItvaubW78wH4NLQWNmx7+q1DB1ZkgmFQohifqS7xhcFEEWRhoYGEokEqkeeWPLmurcEiGPbpJJJfvbAPVl95/qHJyYvmH5/EdG1FA5QW1ubzZvc8pm1deoHroKFCxcycPkiPlWdnmC5iTxlVk2n0wT9Xu69Y3FW51g8OfH3ye+WnAgnRcukyKQSNDU1Icty7n65NACAJEm0trbSc/zfVAT9JZ/U1NWklslwx/duxqMoWX0Zzcy/bwr0VCDT0NDTSS6f/ZBFixZlN/ySJJXnAVEUaWtrY6DvOIoiFlx5FhPLsrjl5uvzdPq8nsLfL6I3FR1FlhUG+v5LS0tLtmtRlgcEYaL5pCgKq1ev5lzPKfxeT8FwKSQA115Tk6eztjpcsubn6rUMnfj4MLHxIZYuXYrX683rVpQDIIiiiKIorFu3jn+8vIPKCt+0cCkG4m4Bc0fd3OqCoVIIJDo2iCQrvPu3F1m5cmVeu6VQz6hgDrj1t7GxkfXr1/Px+wdRPcr02C+wmgxVVnLm3KU8ffNmVxX03lSgRHSEVGycoYt9tLe3U19fTzAYzAKUVYVyw0hVVbZs2cJw7/uYyZGSIeCCeFWVd499jGGaWX1zq8OfrYOKeC+TijM+cBHHsRju/Q9r164lFAoRDAbdPfEVAQiiKOLxeAgEAmzdupW/v/A7RLPEyjTHuGjKYMfLb3B5eBzdMNl/+CSmZReN+0wqztDFs4iSxIE9O9mwYQPhcJhwOEwgEMhN4GkEZXUlYrEYe/bs4elfbWLFQ5tQKyJlVaRy+kSJ6AhjA58iihJdf9rBUxufYPny5cyZM6esrkTJxpabzIFAgFWrVmHbNps3b+bun6wnVF2H4lHLmlULgZiGTmxkgGR8DNu2efOV3/PUxo20tbURiUSorKwkEAhkk7fYmLE36rZX0uk00WiUgwcP0tHRQcW8G5ndsIBgaBYe1TvtyRYDMXWNZGyU+Ngwkiwz+GkfQ73vsWHDBhYvXkwkEmHWrFmEw2G3M1eyR1pWczcXIh6PMz4+zvbt2+ns7OS2+x6kanYdqjeA1xdAUb3IioIoSjg42JaJaejomTRaOoGeTiHJEvGxYd55rZP29nbWrl1LOBymqqqKyspKKioqyjK+bIBcCE3TSCaTxGIxenp62LVrF11dXdTUL2BO/Xx8/goEUcSxbYSJ2EGS5IlzgnSC/r4PuXzmOEuXLmXlypXU19cTCoUIh8OEQqEr7k5/7vOBdDpNMpkkkUiQSCTo7u7m6NGjnD59mv7+fqLRKIZhoCgKoVCI2tpampqaWLRoES0tLfh8Pvx+P8FgkGAw+OWfD7gj94RG13U0TSOdTpNOp8lMbmQ0TcvbArrrK1mW8Xg8eL3e7BLB5/N9dSc0uSP3jMwwjKy4G3AXwB0ugAsx5YzMndW//DOy3OFMjGwrxrKs7NX9LBfAneFFUcxec6rU5zqpvCqAqTCT16/0nPgLA/i6xjf+Xw3+B2ll/uiqTaJTAAAAAElFTkSuQmCC") no-repeat center center;
+}
+.icon.note {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAJhUlEQVRoge2ZWWycVxXHf+fce7/vm/GaGCde4pI0aQlJC0kRtE1L00JbLIjY4QkeUB9YHhAIJFCExAsKUkE8IAFFPIDUIqhBRSDRBUqCCimFFBCBpCWx02IaZ3G2SdyxPZ7vHh6+mcnSZnFjKIge6Wj8zYzvPf9z/me5d8TM+F8WfbkNuFx5BcDLLf/fAEZGRmx4eNh6enqsp6fHhoeHbWRk5D9aFeSlVqHNmzfb6H33sHnT7ZQmD5GfOMax6Sm+Pl5h1Yc+xpYtW2SBbX1ReUkRGBkZsdH77mHLW95EOv4Ms3ueJh6YYPHUFF9aljJ63z3cf//9/5FIvKQIDA8P293L2yhVjjH7t51ocDiviFecF46n7XzBreChhx4qNhH5t0XjJUVgx44ddGUZ9b/vIpQDoRQIWSDJAiFL6B9axo4dO4gxAmANWVDLG+Ln82URMRGhVCqRHxonlAPqFXWKC4r6IhI6OMjMzBN4/4LlTUQQEZxzZ32QJAlpmrb+p16vU6vVOHXq1AWjN18AnDj0F971vrs4OnmYJVkoDA4FCPUO172ICgnt7SV++4vvsGhRJx3tJbIsRVVpsUnOBBABBVFEClKYwbKr7sTM7EIUnBcA7z21k7t49x1X8JXvbOWra7rw5QRtcN8PLCfvvZJvb9vJycpJpg4/hp/N0I4SMQs4Jw0A5zBXHGiCaIZIKABgpGlKjPEF0TpT5pUDRXiVt99+Le03r+WzuytM1gO6pB/3+o0cbxvk8yOPMjW6i2iR2lxOjJDHSDMFogmGwzQ7rRJAUpAENAGXIZq2AFzQpvkACCEQcahP+cRH3sKHn9zHXU+MM7rtGeD33NDXzaZynZU9gcezpUw9X6OzIyOakkfF4QEpPG6nDRNNEA2FSgKimETSNCXPc0II57VpXhEolUqoOrxPSLOMT330Dv5SqfKDNR388Y2L+caQsjITNv3pMBs3rOT56ZyZGaM+J0QUxDc0INrWUgggoRGBAOIRAt77hY1AmqaoeJxPcN645jVDbNn8Hj73o8fZ/af9mEE9j9y2YRXt5YzZWmRmzjj1/BwhTXAKzitOHEbeWlc0AVwDnCv8KoZzjotV33lTSL1HNKAuEtKM1169jM98/E6mTk3x4Nbd7Bk7TEdHRvAeVY+hmDqmZwx1kIkiqrhzS2zL+AbNMC6l/80LgHMOEY9oQvBCks5RKpXo7JhFxbhz42pet2aQet1YtLiDJAkIDq8BHwJmwlwOUaD0ojsrNKuUReIZyb9gABCHcwWFgg+0lTPyvIRToVzKWLpkMfV6REQplYvmZCj1uuBUSdJwTg8AXBdoCZMOsBkQBeGi/J83gBgjmABC8AlJGsjzFLMyaXDM1etEA0VR50iCx6mSZhkiijpPjEpQD+SF4WdJrTAewdCFB1CtVlFVVATnhMQnWJqC5aTBk+c5IIgWRoTgSZJAmiZAo1s7hwsppglI+fTiljeYnyHkLQotKIAYI4igzpFHISQOiwEnKTEG8hhRVZw6YjRQLfJGHcF7jleqTBw8znXr12MABnv37efYiSnesG4tiUsRUQwD7JIAzKsPqCqiRbVwweM04XdPjhJN+dvTBxgbn6G9q59yZx9/3HWEb33vN+zc/RzOJ+w/eJLtO8Z5ZNtT7PvHIUQTvvv9X/Lc/mN0d3by3fseRLQwvWh0Fy+h8wbQ2VFG1KM+xfuAqufo8So/fejPPD/rqJys8pvf7eLAoeNMHqnw2U9+kH3jVQ5MClMzKUla5obr13HliiEMmDx6gltvuY7Vr1nBQF8PJopQ9AFTt/AROFfMjCW9XTy19xB33Hodb924jr1j+/nDk3/nzTdei4jw3nfeyCOPbufa1y5jzeoVrcHM8HR3dfHlr/2Q+x94jFtuuh44/9B2PplXDryYLF3STXd3e+t5UXcHY89OsOH6NS2Qed7wpM1Rm50G4MGHH2P961Zy3bqreXrPP5mrzwLt5y6/cACq1eoLCKm+TN/SAebmfn8aUG83PYs7+cnPH+eqKwd5as8/edc7bi02847pmVkATk1VWbF8AOcca1Yv59DkqcYK0tCL02deACqVCldc0YdIwLmEPM9RV6NnUZlPf3wT6oqJcePN6wHhzTeu4/CRCrfctJ4sSxBRli7pYfHEMUSU97/7Th751RP8eec+Yp5zzTVXM9DfDyogBvHS6HTJACYmJnjVoq5GFw0454gCEOnoaMfiNGZFFRFxJGkbywZ6i1NWoy9kWYmbb1gHKCHApuGbisVFGyoYUswa5OR5ftF56JIBjI6OMtDfWwAQ35jnc8AVpRXBohVqUowECKqK4RBxoE0W6gvGCcEjaOEAwEQWdpgbGxujt7erOLO2mk3R8i0Wz9EiuUGz+qlKEQEUaJbI4lTHmTVePKgWzpDGJGpc8CDTlEsuo88++wxXDA0UIUbAOP23KGZKjI48KnkuhcbiPbPCOBoeBikOLk2VxjqNRilaAEqSZGEAbN261bZt+zW33XY7IAXXm6Ou0YhIMamaaUOl5WRrzg00viuKWWxpQUOHNAZFQRpD48Xlkig0MTHBB95zG+VSylz1KCbWyDOh2XyK+56IqjWMKigkUnzWnPPFFFRRLZ29SQRUELOGY4pZ6LKOlM07mZ07d/KOtw1TcB4sGkTDiDQ9K1IkrKeYmQC08d7pZLSiRBpE5s7aS0XAHFEKAGY51Wr18g80Zmb33nsvX/z8XdSmj2AWOXhwkrxe46+79jB55Dh/3T2GxUhHextdXW2sXN7PNWtWIQKDA71FFBoAjIgQkVg/a5+oHrU5zIznDhxk964xKpXKggAoTlWW8+OfPorlOQ//cjsDy1bS2dFOW+diVly1iL6+Pqanpzl5qsL4pPHwN3/G1InDlMsZ7Z1tDA30cfWqIa5dexV9fb2YnT7UTxw4xsHJo4yOjfOP8QOMjx/k4OQx7r777lY0zycXvJ02M4sxMjg4SL1eR0TYsGEDw8PD9PX10d7ejogUN3a1GqpKCIE8z5mdnUVVqVarbN++nba2Nvbu3csDDzyAqrJ8+atb+zjn6e/vZ/Xq1axatYq1a9fS29tLlmUMDQ1RKpXOm9EXvV6v1+tWr9eZnp5mZmaGWq1GjLHF62aiNZ+bnPfe45xrvTZzxMyYmZk56+LXzKjX661DvHOOJElIkoRSqYT3/vLvRlW15eHCa4VxzdvmpjZDfubzuXeb3vuzqCEixBhbo0NTkyS5PAr9L8j/96+U/w3yCoCXW14B8HLLvwDd67nwZIEPdgAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.warning {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAMVUlEQVRogdWZeXDVVZbHP7/f27JBwtJIiCERRFlbx5FuHRrRBgtBsRIwCCOrFmGmiDBjYVNlQlgiQjU6IjI4xLJxGf5QGp0Cbaftsu3Rhu6aYXqgLZoWEsjyyDP7S972e7/l3vnj5cW3Ji9M/zOn6lRS997fvd/vueece+59ipSS/89iv5mPZEQQQsS23RQARVEAUFUVRVFQog0ZyogJSClld3c327Ztw7IsLMuKto90KgBsNhtVVVXMnj2bvLw87Ha7HBEJKWXGKoSQXV1dcsuWLfLSpUsyKkKIIdWyrLTqdrvlU089Jc+cOSM9Ho8Mh8NSCCEzxTRi8JWVlbKtre0vAt6yLGmapmxtbZXr1q2TZ86ckW1tbSMikTH4GzduyKqqqkHwsSA1TZOhUChOg8HgoBqGIQ3DSAk+VleuXDliEspwviullD09PbzwwgscO3Yszt91XScQCNDZ2YlhGIPfuFwu7Pb48FJVlZycnEG/z8/PRwiBqqqDYzweD88//zyrV69m7ty5jBs3DofDMWRgD0lASik9Hg979uzh2LFjcYEaCoVob2/n2q9+hbZ585BGSCWltbVMr61NtSYbN25k7dq1zJkzZ1gSaqrGWPD79+9PAh8MBuns7OTie+8R2rwZCYOaqTTt3cuf6+qSwAMcP36co0eP8vXXX9Pd3Y1hGMg0lk65A1HwdXV1vPHGG0mW7+jo4A8/+xn2BAAAI0riQOnu3cyork7Zt3btWtavX89dd92VdieSCEgppdvt5sCBAxw5ciSuLxQK0dTURMOHHyJ37hwh1NSiAKU7djDzxRdT9q9YsYJt27YxY8aMlCTiCEgp5eXLl6mvr+fVV1+NmygYDNLW1sY3J09ipLEYQDPw2sBfCTwMLARKgKwhiNxWU8OsXbvi2qLYnnzySSorK1PvRGyqvH79uty6dWtSLg8EAvLKlSvyo1275M8hSV8H+eMBvRPkP9Vslp0tV6W3u12+c7hOTgT5NyAXgtwE8gTIUyn0D9XV0jAMqet6klZUVMjPP/88KcWqUcs3NjZy+PBhDh06FGeFqNtcOnECY8+euICVwDWgFtj/m1/wD+8f5xtg6uy5ZI+5BSkkU6fexgu7tvLWhd/x1tXL5P/905wAggnzSODavn388Sc/SblDL7/8Mq+99hqXL1+OC2zb7t27uX79+u7Dhw+ndJvW1lYaP/qI0EDKS1z0XeDjC7/l9llz+d6EWxjv0imdcgeFRcVofR46vm1Cx8ndP5hP3qjR/GDuX/GbC5/iberl1qirxGjv73+PYRjc8tBDcVhGjRpFRUUF27dvp7i4mPz8fFwuV2QHVq1aldLyDQ0NXDt5En91NRIQCRqNHld2HsLUCfu6GD9mNIoVQggDy9RQpYLTbkdV7Vh6CH9vJ/fcfz/vALsAN2AlzHv1wAEu1tTExUI0Hl555RXq6upobm4mEAhECEyePDkOvK7rtLS0cOP0aby1tUnAo2oNkFAUSTjoRfN+ix7wgjRBShACVVFQRGSkHvTypwtnmXHPQhrbb3D0k1McAdpiDBLVhp/+lIvV1UlV7oQJE8jNzcXtduPz+ZIPMtM0aWhooPH99+mtrU1ymVRqUxUQFlJYSBFGCivGOSyEaSCFAGlhd+Vy7w/n43BmM3POXWx69hl8AyMTDXTl4EEu7t2bCBGAQCCAruupCdjtdrp3705r+ViN22YhsUwdyzRBCpACyzIRMnpngCxXNjYlMk4L+ggoYXxp5pbAlX37cDgcSQSEEAxmoVgQg/9nAP67bVdAUcFmQ3W6IgtIiWUKLCGwLGvQj69e+m+EsBB6iGB/N/3e9oyNlIgRYm5kiR2JH0L6MkFYEi0UQKAycdJUbIodT3Mjpu6n3xfCptoRlomQCqZpRkhLCykMhLBQSV1HJbalKnvSF3MpNO0OSIEwDWyuPCaVzCRv7ER8Ph+mtJM35lZsdjvuxktYhobDkYOCgqJEDWLLaAfSVc1p78SJO2AAvUBggLUNKIx2Kgqjv3crY2wOiqaqKKoKihKJCctCC/npbW+jq7sbS7UjkGCZCCkQQkdJsV6mRWHGBH4HLHpxF3LcGDq6u7nw2S85++V/4gb0kB9hFoAZwuZwgc2BqjpQVRWbzYXd4cDlysHn7WJi0W2EfH24XA6EjKySqhTPtDRPIjB4XUtoPw3sKV/O+KJipJT4V63mq3/7Obu21/LN/5xl9l/PIys7G2fOaBS7E5vNQrU7UW0KNlUFp5P8MeO5/8HFhPo7CXr7MMIaQW8neSkMlqnEEYj1s8QJbwXaWpopmDgJh93OqHGFLFy9jjunTeHNo2uAvUy54/uMuaUYV24BUpVYpoVEwaY4UVUbitNJ9ugxOBw2tEAPfX29QCjuVB9OEmNBTdeRGEj3A56OdkwtgDDCCKFjz8ql6N55/G3VcRouX+SXH72Ht6udcCg4cJiJSPIn8oCloIKUKAhURUUIiVCjx128pjtrEiVtFkrMNNOBA+s34XG3YIRDSMtAkSbOrDzuvOchHnmiklEFY3n76G7Of/nv9Ht7EMJCSjGoljCxjOBAnaSjhYPowevDZrx04FMSGLwnJEzmAOYCn33wAUYoiGXoSMsEoeNwZTO2aDrzFpWxck0VJVOn4fd2E/T7oneNyOFlGkjLwNTD6FoILRQEa/hDcyhJIuB0OlFVNeVE04B3XjnC+d9+hRYKYJlhpDBBGDidDiaUfp/xk24nJ3c0eaPzsKsgzEhtZJkGIuzDNDRCAR99fb309XYhNAYPsnQ6IgJSSgoKCihavDilJZ4Aajf8HVf/fAnLCCNNAyktECaqIsgbV8So0WMHrn2RGLBMHREOYBg6eiiIFgzQ7/US8vmYoEDuENa/u6oqcwJRPysoKOC+N9+kcNGiJGvkAQuADY+twn3tCuFg/4CVDbB0VKHhzHbhdGVhs6kgDKTuR9f86KEAWtBHd0c73p52pB5Av5KewJxnnmHeoUOEw+EkjHEEYi8MEHlFKyws5IfHjlG4cGHSxJOA1cATPy7nT388j+73YoYDCEuP1DhSRrKOlFhmmLAWQNMCBHw9tHtu8K2nBcsI8uGxf8HoiRBINNTtjz7KQ/X1xL6iRDHGvubZAfr7+1Nuz+TJk6G+nv/atInmX/86rq8AWAlUrahk/Fio/8XHjM4fi93pHCgRFCzLQtd1tFAQLeCjs9NNb4cHxdL44J8PozfD7XyXRqNy97p1PPz220gp0XU9zriKogw+SaqqGtmB48ePU15enkRASklRURH31tcz6cEHk1JrAfAUcEcPLLjvMU69/694uzsI+X3093TS5blBl8eNt72VHk8Tfd9eR+vv4MQ/HkZpiJwttgTL3/Hoo2nBNzY2smjRIhYsWEBBQQEulyvyLuT3+2VTUxM7d+7k5MmTKXNuS0sL555+mtYvv0zqE0A7kavhqFL4oAlCCWOygGIiqTiHyMnuTBgz/bHHKDt9GillnN8D+P1+ysrKWLJkCdOmTWPWrFmUlpZGCAghpN/vp7m5mZqaGl5//XUKCwtJFLfbzX+sX8+Nr75K6rtZiXr49KVLKf/4Y4QQ6LqeBP6RRx6hvLycadOmMXPmTEpKSsjNzf3uZS6WRHV1NadOnUpaTEpJa2sr5zZupOkmSaQqk2csWcLyTz4BQNO0uL7GxkbWr1+fErzNZlMGw1lVVSUvL4+SkhL27dvH8uXL8Xg8ceABiouLue+ttyieN2+IK2Z6TRx/5+LFacE3NDRQWVmZFjwknAOxJF566SW2bNnChQsXkmKipKSEB959l9vmzcvo1pZOpz/8ME98+mla8Bs2bGDZsmVpwUOa5/VEd0oXE319fXxWXs43Z88m9Q0n03/0I1YPJIRE8OfOnWPHjh2UlZUNCT4tgUQSO3fupKqqigceeGCwP/a7VM8emUg0VcbK+fPn2bp1KytWrBgW/JAEEknU1NTw7LPPMn/+/GFBZQI8lZw/f57nnnuO5cuXM2XKlGHBD0sgkURdXR2PP/44FRUVNwV+qP7Tp09z8ODBjNxmRAQSSRw4cIBly5axdOnSvwh4RVH44osv2L9/P2VlZRlbfkQEEkls376djo4OQqHE83bk4nK5EEKwZs0aSktLRwR+RATgOxItLS1cu3aNvr6+wTfK/4tEfzeeMmUKkydPzhg8jJAAREgEg0H6+vrQNC2pFL8ZUVWVrKws8vPzycnJQVXVjH/s/F/lgJiyQFHragAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.important {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAALa0lEQVRogdWZa2wc1RXHfzM7O/teP9e1vXHSmEdjx3YeDkkaF6REKRRCEDSEFNkRjdSWSsgC2iqoRWqLQKiqIBg1NOQDiMeHtkQIQkRRS9S4aWwgCQoUgl232KkT28J21l6vd3d2dx79sDuTXdtre03Uqlc62tl53Pv/n3PuOffcKxiGwf9zE//XAL5sk65WR0a6AaDrOjMtKwgCoigiCAKCIAhXa9wvTcAEHhoc5KMjR7jw3nucf+MN67k/GCS4YQOr77yTpl27kGUZm81mXC0ywlLnQDbwEwcO0P2b3yz4jV5RwZq2Nm5/5BH8fj+SJGGz2b4UiSURMAzD0DSNEwcO8MdHHln8d0AcsAUCfOe551h7yy04HA7sdvuSrVEwAV3XjdDgIC/v2cOl06dznqWAJCAAMvn9MwlEgF1PP8037rsPt9uN3W5fkjUKIqDrujF+4QLP3XQTU0NDOc8UIAa4y8sJtrQQqK/H7XQSfv99Pn/nHQRRxNB16/0EEAUatm9n76uv4vP5cDgcBZNYNIF84I0MEK20lIZvf5sNe/dSWlqK1+vFxBEZHubT3/+evqNHmR4dJRWP55BevW0bra+8gt/vx+l0IknSokksikA+8ElgClixYwc3799PZWUlTqczbz+x0VFOPvEEQ6dPE/niCwxdt0jUbd1K68svU1xcXBCJBQnMBz5eWkrL/v2s++Y3KSsrQxQXlxc7f/5zBjo7CQ8NoadSKKQn943t7dyyf79FYjHuNC8BwzAMVVV56Z57+OzNN3PAJ8vK+FZHB2s2b55X6/nahRMnOP7TnxLOKEXJyO2/+hVf37uXoqIinE6nmfzyksirMjNUvvGjH+WAVwG1vJxbDhxg1bp1uFwuMwQWJCu3bWPN3r24SkoAcGbA/OXXv2bws8+IRqOkUqlZGX1RBAzDMHRd51+nTvHewYNX7gPTQMO+faxav56SkpIlgTdlU3s7TXv2IGUs6AGioRDH2tuZmJggFouhqirGPCzyEUBVVX7X1pZzPwI0fP/7bNmzh7KysrzADh8+zP3338++ffs4ePBg3vdEUWTDD3/IsuZmRLsdW4bEpd5eOp99lnA4jKIoaJqWl8QsAqb2Txw4kDNp40BxXR0bWlspLy/PC+qZZ55hdHQUSZIYHByko6ODxx57bBZwcy3kq6xk6y9/ib+qCgQBmbQ7nT50iIs9PUSjUZLJJIZhzEliLgKMDQzwp5/9zLqnkQ51W3/xCwKBAE6nMy+B3t5exsfH6ezspLe3l3g8zuHDh2cBz5bKpibWtrXhLi0FwA3owNsPP8zExATxeBxVVecyQC4Bc+L+taNjluvU33031dddN6/2BUGgpKSE/v5+JicncweaA3i2tDz8MIHrr0eU0gsQBzDW10ffyZNEIhESicScrpRDQNd1xgYG+OC3v7XuJQBXIMDWn/yEioqKeUGMjY0hCAKKoszS1MjIyLzfAmx/4gmKli0DQcBJOmicfOopJicnicfjJoG5LWBq/+Szz+a8oABNe/bgdrvndR1BEKiqqiIejxOLxWYRCAaDC0alqjVrqGxowFNWhkDalUKff07f3/5mWSFTLFksLAK6rjN+4UKO9lXAUV7O2tbWeaNOthZlWZ4FHlh0aN3y4IPIHk+6L8AGvNfRQTgctuZCthVEU/u6rnPutddyBk0A9bt3W4us+QY2fbyurg6v15vTzw033LBoAsHmZoLNzdgcDgBcQKi/n391dTE9PU0ymcyxgkmAVCrF+4cO5WjfFgiwfoGwOTOylJWVUVtba1mkUAKCILClvR1veTkA9owVPnzllZy8YFnA1H5/dzfTw8PWgziwcutWfD4fsiwvCNyUxsZG3G43lZWVVl933XVXQQSq161j+ebNlhXcwBdnzxIOh60lhmkFEUDTNP7++uvWgBrp6mrNHBk3H/BsAtFoFEdm8GAwyMaNGwsiIAgCjbt346uosKwgAp8cPWolNj1THInmsqHn6FGLQApY1thIxcqV+Hy+WX6+0ETesWMHLpcLWZZ54IEHCgYvCAKrbrsNyem0JrQEXMzkhKzlBaKu61z+97+ZHhnJmbwrtm2zJu5CWp8pra2tNDU1sXPnTtrb25dEQBAEvrplC57MXJCB8XPniEQixONxa6Uq6brOQHd3jvvoQP2ttxZUpMxsL7zwwpK+AyxLXrt9Oxe6uxFEEXvGZc4fO0bVD35AMplM1wuapjGYtbugAp5AgKLqaquu/W/JTEs37dqFqihWzSADk8PD1jzQNC3tQtmrThUINDbm+H4h0tfXx6OPPsodd9xBW1sbPT09BQPPluu2b7fWRxIQ6usjFotZBCRN06wZbbZAfT1FRUWWKQtpzz//PMPDw/T09DA1NcXo6CjHjx+f11Xma95AwHJjEdB0HUVRrhCYuRGrAiXBoFUqFtq6u7sZHx9nJBMUurq65uxnsX0Hm5v56A9/ANIJLXrpEolEwgqlUqZQyPlo6OOPlzx5ly1bxnBWQmxpackBW6hSBEC02axrpqasNZGmaek8kN0kYPDjj1FVdUlz4Mknn6Surs4Cb5aUhYZiUy59+GGOgm3V1WiadiUPCILAV9autV5wAaM9PXQeOWJprBBpaGjgxIkTpFIpOjs7aWxsXBJwUwZOnUKZmgLS2zl4vUjSlV1XURRFqtavv3IDKAVe/O53efPxx69aSCxUBs+c4dV77+Vyfz+xy5eBdG3iX7ECm81m9S2JokiwuZmiujrCPT1AuqgOAqcef5zzL77Imt27uemhhyipqVnYZ5cw8bPbR0eOcOall7g8MEB4aIhEJAJk9qOAwKZNyLJsHpQgRKNRIxQK0XPmDH/+3vdQQ6G8na/YtIk199zDypYWVmzceFWAT1y8yMWzZzn/9tv0vfsudqeTlKIQHRvL2QSOAqU7d/K1W2/l2muvpba2Nl3iJhIJIxKJMDw8TO/Zs3zw4x+jTUzkHVCw2fCUleHw+QiuXYu/upqqhgb8VVUYhkFNczPFweCs7z556y3r+vyxYwiiyD+PHwdBwNB1krEYhqYRC4UwdB2D9LJmmnRtXHz77VTfeCPLly+ntraWmpqa9MaaqqqGoiiEQiGGhoYYHBzk00OHiHR2LkqDNlnG7nJhd7nQswqN+ZogiuipFMlYDDWRgBl5KEF6woqAUFFByc03U756NZWVlSxfvpyamhoCgQAejwdB13VDVVVisRihUIiRkRGGh4cZ+sc/GO3qIt7VhZGJAle7mVpWuVKDCBng8jXX4N68Gc8111BUVER5eTnV1dVUV1cTCASuFFqGYaDrupFKpYjH40xMTDA+Ps7Y2Bjj4+OEw2EmenqYPneO1OAgZCWpxTY9S9QMcLhyHGUDRI8HqbISZ309zoYGnE4nHo8Hv99PaWkpgUCAiooK6/DE4XCkI1HW2a6hqiqKojA9Pc3k5KQl4XCY6elpotFoetukv59UKIR66RLToRBJTcMYHUWIRvMSMPO6rbY2/SsIOFatQpYk5NWrkSQJWZZxOBy43W68Xi9+v5+ioiJKSkooLi7G5/PhdruRZdnads85HzD3hpLJJIqiEIvFiEajRCIRIpEI0WiUWCxGPB631iOKopBKpazUbi4Oc7Y+snKCzWbDZrMhSRKSJGG3262w6HK5cLlceDwevF4vPp8Pr9eL2+3G5XLhcDjMkxuETNibdcBhnv9qmkYqlSKZTJJIJFAUhXg8jqIoKIpCIpGwSCSTSVRVtWSuk3qTiAnebrfngHc4HDidTpxOJy6Xy7qWZdk6wZzrxCbvCY1JRNd1NE3LAWgSM69ngp+PgCiK1gF3NhFTzHvmO+Y3wCzw8xLIJpL5tYCZpEyw2f/nWt1ag2UtM0x3Mq1iAp1j+bH0M7KFCGWDnfmbd8AMnuxfUzL/C0rp/wFnFd4nEQn3XQAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.caution {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKdUlEQVRoge1Ze1AV1x3+zt279wEiDWCYGzRVktqa1MEmmtbWR22ncXxUrTDWV/5IqG2wUAUfmUwSkk6V+EAJCEQC6figwZBqZtRxqukftebRZBpFG1S0hiRErwiaKK977+6eX//YPXt37+UiIJlMZnpmdnb33PP4vt97z2VEhG9yc3zdAO60/Z/A192+8QScX8Wifr+fWltbzffU1FT4fD72Vew15ASampqovr4eBw8eNPvGjRuHzMxMmj9//tCTIKIhu958801yuVwEoNdr48aNNJT7EdHQEdi/fz/JshwTvLiKioqGlMSQLFJfX0+MMRvQsWNSqXLzH2jez78fRWLTpk1DRuKOF6irqyOn02kDOP8XGdTz+VFSP91Hatu79NRvZ0SR2LJly5CQuKPJtbW1JEmSDdivHp1AwctHSblYSsqFElLOF5PavIvWZU+LIrF169Y7JjHoibt3744CnzXrIQpeOUbKhVJSmkpIPV9MyrnNpJwtIuVSNa15/MdRJLZt23ZHJBjRwIu5N954gxYvXgzOudm3aO5E1L5SBNZ1HoxrINLAyH6HJxVP/WkXtu9+37ZeSUkJVq9ePagQO+BMXFNTEwV+ybxHsPeVIjg6zwOkgSWNhuOuUUBCKhxJY0AggDSgpwWbn1mO1csftq1ZUFCA0tLSQZXFA0pkVVVVlJOTA6vWsmY9hF07N0AS4OU48LgRWLO+FPFxboxMS8G5hlPYmPMI4jwM1P0Jtj67DJyrKHvtNADdjPPz8+FwOCgvL29gmuivrVVUVESFyqxZD1PoyjFSL+7QHbapmJTml+n9EzVRtl676ZekNKwl5VQ+KSfzKHR2E+UutodYxhiVl5cPyCf6ZUJlZWWUm5trk/wTi6bgtVdf1M2Gq2DEwUgDNBWhUDBqjfSRwwGoIOEP3c3Y/uxirFw0zibMvLw8VFZW9tucbkugoqKCVq1aZQO/YslUVJU+D9bVBIDroLgK4hygEDweybYGY8AD6d8yftfASL+j+2O89NwiPJk51kYiNzcXO3fu7BeJPgkUFxdTbm6ure/JZdNRub0QrOMcGFcBrgLgAHEAGqD2ID7OZZszJi0RcR6HAV4DkaqPJxXouoSywkz8buF9NhIrV65EVVXVbUnEJHDixAlat26drS9n+U+xo/hZMMNhyZA+uAbAIKOGMCJlmG3eA/clAYaJEamGBlRdC6QBXZewo3AhVswfbSORk5ODDz/8sE8SvRLw+/1UXV0dBb5MgOe6LUNIEqpOwgCUlOCESw4HuAfG3KX7B2kAGaTJ0Jro77yI8ucX4DfzRtlIHD58GH6/PyaJXgk0NjZi79695vuUiffrkr91Vt8cHAwc4FZJGiZEKqDcwsi0ZHP+d749POy8MS7iGtBxARWF8/CDsQnm3BdeeAHWj6N+EYhspSVbgI5zYYkZGmAwzIEbwA0tUM9NfO+7aeb89HuGRQBWLcSNZxj3zvOYMzk5NpjBEHi99mXD5lXdjqGDJh42h7CEOXhnK3448X5z/shUb1jSpIEM8yFuzOUcjAsNcnR0KXdG4MEHH8TEiRPN9z0H3sfRE41m+GNcs9i0LjkGTTcrUoGem5g7/V5z/ohElw4O+jxGYQ3qJqmBjN/+cbINtcfCJvPYY4+hr3qtVwI+n49lZmaa71fbbuH3hX/FycbPQKSCoIIMQEQcehjVo5Gw8/F33cSvH03H2HuHY1icQzcvYWKGIMiITMwQwjtnruPpqk9w/ZZq7p2RkYEJEyaAYrCIWY36/X7KyMhAW1ub2XfP3Qmo3ZKFaQ+P0gmYIdSoOkU4lWSwxGRAdqHL/xm86k27w0blAw3/PncD6yo/xrsfdZj7paSkoLGxESNGjAgDZsxWK8X0AZ/Px44fP460tLAzXrnWgUX5r+PYuxf1mG/Gf80sofWy2YuWbg/+uONtPLHhPRw+0WIHL8hbwG95rcUGPiEhAYcOHUJSUhI456YZRWqiz+8BIqLm5mZMmjQJN27cMPsTE9zYtWE25k4bYzh3mABIBRwOHPgPx+LH/6yDiXPi6pHZcEpk+I5qmtGpCzdQecCPPUevmevLsowjR45gypQpcDgc5mVowKaJmBoQTEePHo2GhgaMGxcuum52BLHsqUOoP3oWgLB9Sz7QgpgxJoThw/SSIutnaXBKZEpcgD998Uvs+3ubDbzT6URNTQ0mTZoEVVWhaRo459A0TeCy4etVA+JH8RvnHK2trZgzZw5Onz5tjnPJDrxSOAPLZt1nSVIqwDmIVJw6dx1nLt3A3J/cjZThkhE29cvf3o2KA59ja91lcz3GGDZv3oylS5fC7XbD6XTC6XRCkiRIktS7Jm5HQLDXNA3Xr19HVlYWPvjgA4vEGLav+RHmTxsJX4rb8AsO4kbOIG6GzTD4HvzlmB/PVH9q2zc/Px/Z2dnwer1wu92QZRkulwuSJEGWZZMEY8wkEGVCVvCCAOcciqIgPj4e+/btw9SpU83xqkpYteU9HHm7Bf62rnC2RjikisTFSMPV9m4ceucannvVDn7p0qVYuHAhgsEggsEgQqFQlAlZnVm0PjOxIKFpGogIqqrC5XKhuroa06dPt4wDcl78F+qPNeNKe6cRoTjsZYOKK+3dON7wBQrKm2H5pMbMmTOxZMkSBAIB9PT0oKenB4FAAIqiQFEUU4hRRyq3I2AlIZ4553A6nSgvL8fs2bNtY9eVNaDub58YmhDZWpe+v70bJ5tu4clt/4WihqU4efJkrFixAkRkAg4Gg1AUBaqqmuDF/pGtX7WQNXeIZ0mSUFRUhAULFtjGPl3ZiJdev4QrbZ16zUQqrrZ342JLN5ZvaEJ3ICz68ePHIycnB5qmmZIW4EOhUJTZWEKo+Rx1KsEYY9Zk4XA4IEmSKXnOuRkVJElCYWEhvF4v6urqzDVK9n2Mzu4Qnl5+L9q/7MHltgBWbr9kA5+eno7c3FzIsoyI5GrTeCzgosU8VmGMmSGLiEwSsixH2WNBQQEA2EhUH/wc7330BaaOH479/2zHtS/CFabP58OaNWvg9Xp1EE4nZFmGLMtwu93wer1wuVy2ECpJko2IiTNWJrZGI+HEwi6FisUVCAQQCASwZ88eVFZW9lk9JicnY/369fD5fPB4PCbo+Ph4k4TH44HL5YLX64XX6zXH9EKE9aUBRkTEGLNJP1Kd4nI4HMjOzkZ8fDyKi4ttJ3eiJSYmYu3atRg1apQJzuv1wuPxwOPxwOFwmEBFHnA6nXC5XGYSiywlbns2SnoDANN0hMNZnS0UCpkaOnPmDN566y20tLSY2ktLS8OMGTOQkpICt9uNuLg4M2EJ8CJZSZJkZmFBwkrAWpH2+3BXEBEkRIhTVdVMOCL5qKqKy5cvQ1EUaJoGVVWRnKx/Jlpt3eVy2QCKu9C68AFr9o0spwd0Oh1ZYggCIlNaiQktiXdhZgKQABcp3ci7LMtM7B0JfsAErJoAYItG1mdr+hfvVlACtHDIXkploYXbHvQOikDEe6/ZmjFmAhf9ZvJxOk2Qol88W4kYz32SGNQfHLG+TyMTkAVEr88xQfVnkBg7GAKixSIykDYQsL21/wFkW/B5QqT9lwAAAABJRU5ErkJggg==") no-repeat center center;
+}
+</style>
+</div>
+</div>
+<style type="text/css">
+.deck-container .deck-toc li a span{color: #888;display:inline;}
+</style>
+</body>
+</html>
diff --git a/Module_Secure_Storage_Slides.html b/Module_Secure_Storage_Slides.html
new file mode 100644
index 0000000..1d064e1
--- /dev/null
+++ b/Module_Secure_Storage_Slides.html
@@ -0,0 +1,5535 @@
+<!DOCTYPE html>
+<html>
+<head>
+        <meta charset="utf-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+        <title>Secure Application Storage</title>
+        <meta name="viewport" content="width=1024, user-scalable=no">
+        <meta name="generator" content="cdk" />
+        
+        <!-- Core and extension CSS files -->
+
+<style type="text/css">
+html, body {
+  height: 100%;
+  padding: 0;
+  margin: 0;
+}
+
+body.deck-container {
+  overflow-y: auto;
+  position: static;
+}
+
+.deck-container {
+  position: relative;
+  min-height: 100%;
+  margin: 0 auto;
+  padding: 0 48px;
+  font-size: 16px;
+  line-height: 1.25;
+  overflow: hidden;
+  /* Resets and base styles from HTML5 Boilerplate */
+  /* End HTML5 Boilerplate adaptations */
+}
+.js .deck-container {
+  visibility: hidden;
+}
+.ready .deck-container {
+  visibility: visible;
+}
+.touch .deck-container {
+  -webkit-text-size-adjust: none;
+  -moz-text-size-adjust: none;
+}
+.deck-container div, .deck-container span, .deck-container object, .deck-container iframe,
+.deck-container h1, .deck-container h2, .deck-container h3, .deck-container h4, .deck-container h5, .deck-container h6, .deck-container p, .deck-container blockquote, .deck-container pre,
+.deck-container abbr, .deck-container address, .deck-container cite, .deck-container code, .deck-container del, .deck-container dfn, .deck-container em, .deck-container img, .deck-container ins, .deck-container kbd, .deck-container q, .deck-container samp,
+.deck-container small, .deck-container strong, .deck-container sub, .deck-container sup, .deck-container var, .deck-container b, .deck-container i, .deck-container dl, .deck-container dt, .deck-container dd, .deck-container ol, .deck-container ul, .deck-container li,
+.deck-container fieldset, .deck-container form, .deck-container label, .deck-container legend,
+.deck-container table, .deck-container caption, .deck-container tbody, .deck-container tfoot, .deck-container thead, .deck-container tr, .deck-container th, .deck-container td,
+.deck-container article, .deck-container aside, .deck-container canvas, .deck-container details, .deck-container figcaption, .deck-container figure,
+.deck-container footer, .deck-container header, .deck-container hgroup, .deck-container menu, .deck-container nav, .deck-container section, .deck-container summary,
+.deck-container time, .deck-container mark, .deck-container audio, .deck-container video {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-size: 100%;
+  font: inherit;
+  vertical-align: baseline;
+}
+.deck-container article, .deck-container aside, .deck-container details, .deck-container figcaption, .deck-container figure,
+.deck-container footer, .deck-container header, .deck-container hgroup, .deck-container menu, .deck-container nav, .deck-container section {
+  display: block;
+}
+.deck-container blockquote, .deck-container q {
+  quotes: none;
+}
+.deck-container blockquote:before, .deck-container blockquote:after, .deck-container q:before, .deck-container q:after {
+  content: "";
+  content: none;
+}
+.deck-container ins {
+  background-color: #ff9;
+  color: #000;
+  text-decoration: none;
+}
+.deck-container mark {
+  background-color: #ff9;
+  color: #000;
+  font-style: italic;
+  font-weight: bold;
+}
+.deck-container del {
+  text-decoration: line-through;
+}
+.deck-container abbr[title], .deck-container dfn[title] {
+  border-bottom: 1px dotted;
+  cursor: help;
+}
+.deck-container table {
+  border-collapse: collapse;
+  border-spacing: 0;
+}
+.deck-container hr {
+  display: block;
+  height: 1px;
+  border: 0;
+  border-top: 1px solid #ccc;
+  margin: 1em 0;
+  padding: 0;
+}
+.deck-container input, .deck-container select {
+  vertical-align: middle;
+}
+.deck-container select, .deck-container input, .deck-container textarea, .deck-container button {
+  font: 99% sans-serif;
+}
+.deck-container pre, .deck-container code, .deck-container kbd, .deck-container samp {
+  font-family: monospace, sans-serif;
+}
+.deck-container a {
+  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
+}
+.deck-container a:hover, .deck-container a:active {
+  outline: none;
+}
+.deck-container ul, .deck-container ol {
+  margin-left: 2em;
+  vertical-align: top;
+}
+.deck-container ol {
+  list-style-type: decimal;
+}
+.deck-container nav ul, .deck-container nav li {
+  margin: 0;
+  list-style: none;
+  list-style-image: none;
+}
+.deck-container small {
+  font-size: 85%;
+}
+.deck-container strong, .deck-container th {
+  font-weight: bold;
+}
+.deck-container td {
+  vertical-align: top;
+}
+.deck-container sub, .deck-container sup {
+  font-size: 75%;
+  line-height: 0;
+  position: relative;
+}
+.deck-container sup {
+  top: -0.5em;
+}
+.deck-container sub {
+  bottom: -0.25em;
+}
+.deck-container textarea {
+  overflow: auto;
+}
+.ie6 .deck-container legend, .ie7 .deck-container legend {
+  margin-left: -7px;
+}
+.deck-container input[type="radio"] {
+  vertical-align: text-bottom;
+}
+.deck-container input[type="checkbox"] {
+  vertical-align: bottom;
+}
+.ie7 .deck-container input[type="checkbox"] {
+  vertical-align: baseline;
+}
+.ie6 .deck-container input {
+  vertical-align: text-bottom;
+}
+.deck-container label, .deck-container input[type="button"], .deck-container input[type="submit"], .deck-container input[type="image"], .deck-container button {
+  cursor: pointer;
+}
+.deck-container button, .deck-container input, .deck-container select, .deck-container textarea {
+  margin: 0;
+}
+.deck-container input:invalid, .deck-container textarea:invalid {
+  border-radius: 1px;
+  -moz-box-shadow: 0px 0px 5px red;
+  -webkit-box-shadow: 0px 0px 5px red;
+  box-shadow: 0px 0px 5px red;
+}
+.deck-container input:invalid .no-boxshadow, .deck-container textarea:invalid .no-boxshadow {
+  background-color: #f0dddd;
+}
+.deck-container button {
+  width: auto;
+  overflow: visible;
+}
+.ie7 .deck-container img {
+  -ms-interpolation-mode: bicubic;
+}
+.deck-container, .deck-container select, .deck-container input, .deck-container textarea {
+  color: #444;
+}
+.deck-container a {
+  color: #607890;
+}
+.deck-container a:hover, .deck-container a:focus {
+  color: #036;
+}
+.deck-container a:link {
+  -webkit-tap-highlight-color: #fff;
+}
+.deck-container.deck-loading {
+  display: none;
+}
+
+.slide {
+  width: auto;
+  min-height: 100%;
+  position: relative;
+}
+.slide h1 {
+  font-size: 4.5em;
+}
+.slide h1, .slide .vcenter {
+  font-weight: bold;
+  text-align: center;
+  padding-top: 1em;
+  max-height: 100%;
+}
+.csstransforms .slide h1, .csstransforms .slide .vcenter {
+  padding: 0 48px;
+  position: absolute;
+  left: 0;
+  right: 0;
+  top: 50%;
+  -webkit-transform: translate(0, -50%);
+  -moz-transform: translate(0, -50%);
+  -ms-transform: translate(0, -50%);
+  -o-transform: translate(0, -50%);
+  transform: translate(0, -50%);
+}
+.slide .vcenter h1 {
+  position: relative;
+  top: auto;
+  padding: 0;
+  -webkit-transform: none;
+  -moz-transform: none;
+  -ms-transform: none;
+  -o-transform: none;
+  transform: none;
+}
+.slide h2 {
+  font-size: 2.25em;
+  font-weight: bold;
+  padding-top: .5em;
+  margin: 0 0 .66666em 0;
+  border-bottom: 3px solid #888;
+}
+.slide h3 {
+  font-size: 1.4375em;
+  font-weight: bold;
+  margin-bottom: .30435em;
+}
+.slide h4 {
+  font-size: 1.25em;
+  font-weight: bold;
+  margin-bottom: .25em;
+}
+.slide h5 {
+  font-size: 1.125em;
+  font-weight: bold;
+  margin-bottom: .2222em;
+}
+.slide h6 {
+  font-size: 1em;
+  font-weight: bold;
+}
+.slide img, .slide iframe, .slide video {
+  display: block;
+  max-width: 100%;
+}
+.slide video, .slide iframe, .slide img {
+  display: block;
+  margin: 0 auto;
+}
+.slide p, .slide blockquote, .slide iframe, .slide img, .slide ul, .slide ol, .slide pre, .slide video {
+  margin-bottom: 1em;
+}
+.slide pre {
+  white-space: pre;
+  white-space: pre-wrap;
+  word-wrap: break-word;
+  padding: 1em;
+  border: 1px solid #888;
+}
+.slide em {
+  font-style: italic;
+}
+.slide li {
+  padding: .25em 0;
+  vertical-align: middle;
+}
+
+.deck-before, .deck-previous, .deck-next, .deck-after {
+  position: absolute;
+  left: -999em;
+  top: -999em;
+}
+
+.deck-current {
+  z-index: 2;
+}
+
+.slide .slide {
+  visibility: hidden;
+  position: static;
+  min-height: 0;
+}
+
+.deck-child-current {
+  position: static;
+  z-index: 2;
+}
+.deck-child-current .slide {
+  visibility: hidden;
+}
+.deck-child-current .deck-previous, .deck-child-current .deck-before, .deck-child-current .deck-current {
+  visibility: visible;
+}
+
+@media screen and (max-device-width: 480px) {
+  /* html { -webkit-text-size-adjust:none; -ms-text-size-adjust:none; } */
+}
+@media print {
+  * {
+    background: transparent !important;
+    color: black !important;
+    text-shadow: none !important;
+    filter: none !important;
+    -ms-filter: none !important;
+    -webkit-box-reflect: none !important;
+    -moz-box-reflect: none !important;
+    -webkit-box-shadow: none !important;
+    -moz-box-shadow: none !important;
+    box-shadow: none !important;
+  }
+  * :before, * :after {
+    display: none !important;
+  }
+
+  a, a:visited {
+    color: #444 !important;
+    text-decoration: underline;
+  }
+
+  a[href]:after {
+    content: " (" attr(href) ")";
+  }
+
+  abbr[title]:after {
+    content: " (" attr(title) ")";
+  }
+
+  .ir a:after, a[href^="javascript:"]:after, a[href^="#"]:after {
+    content: "";
+  }
+
+  pre, blockquote {
+    border: 1px solid #999;
+    page-break-inside: avoid;
+  }
+
+  thead {
+    display: table-header-group;
+  }
+
+  tr, img {
+    page-break-inside: avoid;
+  }
+
+  @page {
+    margin: 0.5cm;
+}
+
+  p, h2, h3 {
+    orphans: 3;
+    widows: 3;
+  }
+
+  h2, h3 {
+    page-break-after: avoid;
+  }
+
+  .slide {
+    position: static !important;
+    visibility: visible !important;
+    display: block !important;
+    -webkit-transform: none !important;
+    -moz-transform: none !important;
+    -o-transform: none !important;
+    -ms-transform: none !important;
+    transform: none !important;
+    opacity: 1 !important;
+  }
+
+  h1, .vcenter {
+    -webkit-transform: none !important;
+    -moz-transform: none !important;
+    -o-transform: none !important;
+    -ms-transform: none !important;
+    transform: none !important;
+    padding: 0 !important;
+    position: static !important;
+  }
+
+  .deck-container > .slide {
+    page-break-after: always;
+  }
+
+  .deck-container {
+    width: 100% !important;
+    height: auto !important;
+    padding: 0 !important;
+    display: block !important;
+  }
+
+  script {
+    display: none;
+  }
+}
+</style>
+<style type="text/css">
+.deck-container .goto-form {
+  position: absolute;
+  z-index: 3;
+  bottom: 10px;
+  left: 50%;
+  height: 1.75em;
+  margin: 0 0 0 -9.125em;
+  line-height: 1.75em;
+  padding: 0.625em;
+  display: none;
+  background: #ccc;
+  overflow: hidden;
+}
+.borderradius .deck-container .goto-form {
+  -webkit-border-radius: 10px;
+  -moz-border-radius: 10px;
+  border-radius: 10px;
+}
+.deck-container .goto-form label {
+  font-weight: bold;
+}
+.deck-container .goto-form label, .deck-container .goto-form input {
+  display: inline-block;
+  font-family: inherit;
+}
+
+.deck-goto .goto-form {
+  display: block;
+}
+
+#goto-slide {
+  width: 8.375em;
+  margin: 0 0.625em;
+  height: 1.4375em;
+}
+
+@media print {
+  .goto-form, #goto-slide {
+    display: none !important;
+  }
+}
+</style>
+<style type="text/css">
+.deck-menu .slide {
+  background: #eee;
+  position: relative;
+  left: 0;
+  top: 0;
+  visibility: visible;
+  cursor: pointer;
+}
+.no-csstransforms .deck-menu > .slide {
+  float: left;
+  width: 22%;
+  height: 22%;
+  min-height: 0;
+  margin: 1%;
+  font-size: 0.22em;
+  overflow: hidden;
+  padding: 0 0.5%;
+}
+.csstransforms .deck-menu > .slide {
+  -webkit-transform: scale(0.22) !important;
+  -moz-transform: scale(0.22) !important;
+  -o-transform: scale(0.22) !important;
+  -ms-transform: scale(0.22) !important;
+  transform: scale(0.22) !important;
+  -webkit-transform-origin: 0 0;
+  -moz-transform-origin: 0 0;
+  -o-transform-origin: 0 0;
+  -ms-transform-origin: 0 0;
+  transform-origin: 0 0;
+  -webkit-box-sizing: border-box;
+  -moz-box-sizing: border-box;
+  box-sizing: border-box;
+  width: 100%;
+  height: 100%;
+  overflow: hidden;
+  padding: 0 48px;
+  margin: 12px;
+}
+.deck-menu iframe, .deck-menu img, .deck-menu video {
+  max-width: 100%;
+}
+.deck-menu .deck-current, .no-touch .deck-menu .slide:hover {
+  background: #ddf;
+}
+.deck-menu.deck-container:hover .deck-prev-link, .deck-menu.deck-container:hover .deck-next-link {
+  display: none;
+}
+</style>
+<style type="text/css">
+.deck-container .deck-prev-link, .deck-container .deck-next-link {
+  display: none;
+  position: absolute;
+  z-index: 3;
+  top: 50%;
+  width: 32px;
+  height: 32px;
+  margin-top: -16px;
+  font-size: 20px;
+  font-weight: bold;
+  line-height: 32px;
+  vertical-align: middle;
+  text-align: center;
+  text-decoration: none;
+  color: #fff;
+  background: #888;
+}
+.borderradius .deck-container .deck-prev-link, .borderradius .deck-container .deck-next-link {
+  -webkit-border-radius: 16px;
+  -moz-border-radius: 16px;
+  border-radius: 16px;
+}
+.deck-container .deck-prev-link:hover, .deck-container .deck-prev-link:focus, .deck-container .deck-prev-link:active, .deck-container .deck-prev-link:visited, .deck-container .deck-next-link:hover, .deck-container .deck-next-link:focus, .deck-container .deck-next-link:active, .deck-container .deck-next-link:visited {
+  color: #fff;
+}
+.deck-container .deck-prev-link {
+  left: 8px;
+}
+.deck-container .deck-next-link {
+  right: 8px;
+}
+.deck-container:hover .deck-prev-link, .deck-container:hover .deck-next-link {
+  display: block;
+}
+.deck-container:hover .deck-prev-link.deck-nav-disabled, .touch .deck-container:hover .deck-prev-link, .deck-container:hover .deck-next-link.deck-nav-disabled, .touch .deck-container:hover .deck-next-link {
+  display: none;
+}
+
+@media print {
+  .deck-prev-link, .deck-next-link {
+    display: none !important;
+  }
+}
+</style>
+<style type="text/css">
+.deck-container .deck-status {
+  position: absolute;
+  bottom: 10px;
+  right: 5px;
+  color: #888;
+  z-index: 3;
+  margin: 0;
+}
+
+body.deck-container .deck-status {
+  position: fixed;
+}
+
+@media print {
+  .deck-status {
+    display: none;
+  }
+}
+</style>
+<style type="text/css">
+td.icon {
+  height: 50px;
+  width: 60px !important;
+}
+.icon.tip {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKZUlEQVRoge2aa3BU5RmAn3Pbs7fsJmwCRGITk0hVLFAtNWoq6pAiU0cKaYfa6ShT+YN4YbQw9F/8QX+UMv6gM3Q6oxMV6TgIbe10Gq2gcSzDpRaFgmIk4SKB3LP3Pff+SM66m+xuFvEyzvSbeefsbva8+z7nvXzf934RHMfhmzzEr9uAqx3/B/i6xzceQP6iFDmT1cBxHNzCkFsgBEHIXnNeC1f7u1cN4DiOY9s2rliWhWVZWRDHcbJGC4KAJElIkoQoioii6IiieFUgnxvAtm3HNdg0Tbq6uuju7ubYsWP09vYyMjKCpmmoqkokEqGhoYGFCxfS2tpKW1sbiqJkRZIkZxLoikGEK50H3CdumiZ9fX3s3LmT3bt3U1V3A0033cKc2nkEQxV4PSqSJOI4Dpquk0gkGLx8kZ4T7zF87iSrV69m3bp1NDY2oqoqHo8HWZa5Uo9cEYBt245lWRiGQUdHB9u2beOe1Y8w/6bFVAT9xJJpYvEUiVSGjG5gmBY4DqIoonoUfF4PoYAfRRE5/8kp3njlD6xfv54tW7YQCATw+XyuR8r2RtkAtm07pmly5MgRHn/8cZSaZpbcfjd+n5f+wVEGRqJkdCMv3vME8t77vB6qQn4+OX6YsXPH2bp1Ky0tLQQCAVRVdb0xI0RZZdQ1ft++fSxbtozrlqzgrnvvI5nRee9UL+f6h9B0A1EQEIsBiOKETL7XdJOBkTg1jYtouu1+1qxZw549e4hGo6TTaUzTxLbtGZ/ujEmca/wvHnqYnz/2DLNn19B74TIDI9HPjCvwlLMls4RHdMNC8IRZ8dBmnnp6E7Zts2rVKgB8Ph+yLDulPFEyhBzHcUzT5PDhwyxbtow1j3YQqanmozOfEk2kChuLQ3x0lGQihmM7qF4vVdWz8fr9hYFyoK30OG/ufpYXXniB1tZWwuEwXq8XWZaLJnZJAMuyHE3TuPPOO2lcsoLGpmZO9ZzPM37q0x0ZuISla2xY2077j5ZSFargZM9Znt97gE8uDBb3ziRIfPAcF4/v59VXX6W6uppQKISqqkiSVBCgaA64odPR0YFS00xjUzNnLlwmmkznxbKYI45jk04mefaZJ3j04VXMqZ6Fx6Pw3QXXs/3Xv6Tp2rnTALL3T8wDBCLz8M2Zz/bt24nFYjPmQ0EAt9b39fWxbds2ltxxD0NjMQbdmC+QlIIgIIkSoWCAH971/Wk6PYrCg/f/oHiVmhSP6qWm/gY6Ozvp6ekhmUyi6zq2bWeXK+UAYFkWO3fu5N72dQT8Pi5cGp6xuoiiiBoMktH0gl5trp87DbqQBEMRbl32U3bt2kUikUDTtOzypGwAwzDYvXs3316wiEuDoxiGWVaZrAjP4qW/vFUQ4NAHPdlwKQWiqF4qa+ro6uoikUiQTqcxDKM8ADd8Xn/9dWZdewMVwSCDo7GicT8NSBTZt/8oT259jgOHThBNpIgmUjy3dz/P7z2Qr2My7gs9FNUXoPpbN9Ld3Z0FKBRG0+YBN3y6u7tpWnAr8WR6+gxLfr03TYNMMolhGFimiWVbXDzbx4G3/4XgOIiyTF3DdW45nHG2RhBQfX6q65o5evQoy5cvn9BtWUiSRG5FLQhg2zbHjh3j+tsfKFrv3R8EGL7UT23NLNraWmi+ro5r5kSYHakiVOHH7/OiyDKxZIonf9NJIpWZMQcEwOPx4vNXcPr0B2QymdxEzrO34ExsWRa9vb3csjzEaP9w1sUFZ1RBQJJk/vjbTdTXzS2kDoBQwI9HmcEDOSJ7PAiiSH9/P7quY5omlmVN01soB3Ach5GREbyqiqabM8a+NxAglcmvPOf7h9jR+WdOfNQLwNtHTzIeT+XFfdGCIAiIogSOQzQaxTRNdy4ozwO2baNpGpIkY1j2RAJTeJ0jCAKRmtmcPHORmkglxz48y/5DJ3jrnUPMb7iGxx7+MZZls/efR0rG/VQPgwMC2eQtZHxRAABVVbM3lEpgV178azcvvfYOgiCgZTJomsbGR9oRBIHzl4YYGo2VlcCuWOaE5xVFwbbtqVHiCJOZXBQgEomg6zqSKOIUMrqER+LRKItvaubW78wH4NLQWNmx7+q1DB1ZkgmFQohifqS7xhcFEEWRhoYGEokEqkeeWPLmurcEiGPbpJJJfvbAPVl95/qHJyYvmH5/EdG1FA5QW1ubzZvc8pm1deoHroKFCxcycPkiPlWdnmC5iTxlVk2n0wT9Xu69Y3FW51g8OfH3ye+WnAgnRcukyKQSNDU1Icty7n65NACAJEm0trbSc/zfVAT9JZ/U1NWklslwx/duxqMoWX0Zzcy/bwr0VCDT0NDTSS6f/ZBFixZlN/ySJJXnAVEUaWtrY6DvOIoiFlx5FhPLsrjl5uvzdPq8nsLfL6I3FR1FlhUG+v5LS0tLtmtRlgcEYaL5pCgKq1ev5lzPKfxeT8FwKSQA115Tk6eztjpcsubn6rUMnfj4MLHxIZYuXYrX683rVpQDIIiiiKIorFu3jn+8vIPKCt+0cCkG4m4Bc0fd3OqCoVIIJDo2iCQrvPu3F1m5cmVeu6VQz6hgDrj1t7GxkfXr1/Px+wdRPcr02C+wmgxVVnLm3KU8ffNmVxX03lSgRHSEVGycoYt9tLe3U19fTzAYzAKUVYVyw0hVVbZs2cJw7/uYyZGSIeCCeFWVd499jGGaWX1zq8OfrYOKeC+TijM+cBHHsRju/Q9r164lFAoRDAbdPfEVAQiiKOLxeAgEAmzdupW/v/A7RLPEyjTHuGjKYMfLb3B5eBzdMNl/+CSmZReN+0wqztDFs4iSxIE9O9mwYQPhcJhwOEwgEMhN4GkEZXUlYrEYe/bs4elfbWLFQ5tQKyJlVaRy+kSJ6AhjA58iihJdf9rBUxufYPny5cyZM6esrkTJxpabzIFAgFWrVmHbNps3b+bun6wnVF2H4lHLmlULgZiGTmxkgGR8DNu2efOV3/PUxo20tbURiUSorKwkEAhkk7fYmLE36rZX0uk00WiUgwcP0tHRQcW8G5ndsIBgaBYe1TvtyRYDMXWNZGyU+Ngwkiwz+GkfQ73vsWHDBhYvXkwkEmHWrFmEw2G3M1eyR1pWczcXIh6PMz4+zvbt2+ns7OS2+x6kanYdqjeA1xdAUb3IioIoSjg42JaJaejomTRaOoGeTiHJEvGxYd55rZP29nbWrl1LOBymqqqKyspKKioqyjK+bIBcCE3TSCaTxGIxenp62LVrF11dXdTUL2BO/Xx8/goEUcSxbYSJ2EGS5IlzgnSC/r4PuXzmOEuXLmXlypXU19cTCoUIh8OEQqEr7k5/7vOBdDpNMpkkkUiQSCTo7u7m6NGjnD59mv7+fqLRKIZhoCgKoVCI2tpampqaWLRoES0tLfh8Pvx+P8FgkGAw+OWfD7gj94RG13U0TSOdTpNOp8lMbmQ0TcvbArrrK1mW8Xg8eL3e7BLB5/N9dSc0uSP3jMwwjKy4G3AXwB0ugAsx5YzMndW//DOy3OFMjGwrxrKs7NX9LBfAneFFUcxec6rU5zqpvCqAqTCT16/0nPgLA/i6xjf+Xw3+B2ll/uiqTaJTAAAAAElFTkSuQmCC") no-repeat center center;
+}
+.icon.note {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAJhUlEQVRoge2ZWWycVxXHf+fce7/vm/GaGCde4pI0aQlJC0kRtE1L00JbLIjY4QkeUB9YHhAIJFCExAsKUkE8IAFFPIDUIqhBRSDRBUqCCimFFBCBpCWx02IaZ3G2SdyxPZ7vHh6+mcnSZnFjKIge6Wj8zYzvPf9z/me5d8TM+F8WfbkNuFx5BcDLLf/fAEZGRmx4eNh6enqsp6fHhoeHbWRk5D9aFeSlVqHNmzfb6H33sHnT7ZQmD5GfOMax6Sm+Pl5h1Yc+xpYtW2SBbX1ReUkRGBkZsdH77mHLW95EOv4Ms3ueJh6YYPHUFF9aljJ63z3cf//9/5FIvKQIDA8P293L2yhVjjH7t51ocDiviFecF46n7XzBreChhx4qNhH5t0XjJUVgx44ddGUZ9b/vIpQDoRQIWSDJAiFL6B9axo4dO4gxAmANWVDLG+Ln82URMRGhVCqRHxonlAPqFXWKC4r6IhI6OMjMzBN4/4LlTUQQEZxzZ32QJAlpmrb+p16vU6vVOHXq1AWjN18AnDj0F971vrs4OnmYJVkoDA4FCPUO172ICgnt7SV++4vvsGhRJx3tJbIsRVVpsUnOBBABBVFEClKYwbKr7sTM7EIUnBcA7z21k7t49x1X8JXvbOWra7rw5QRtcN8PLCfvvZJvb9vJycpJpg4/hp/N0I4SMQs4Jw0A5zBXHGiCaIZIKABgpGlKjPEF0TpT5pUDRXiVt99+Le03r+WzuytM1gO6pB/3+o0cbxvk8yOPMjW6i2iR2lxOjJDHSDMFogmGwzQ7rRJAUpAENAGXIZq2AFzQpvkACCEQcahP+cRH3sKHn9zHXU+MM7rtGeD33NDXzaZynZU9gcezpUw9X6OzIyOakkfF4QEpPG6nDRNNEA2FSgKimETSNCXPc0II57VpXhEolUqoOrxPSLOMT330Dv5SqfKDNR388Y2L+caQsjITNv3pMBs3rOT56ZyZGaM+J0QUxDc0INrWUgggoRGBAOIRAt77hY1AmqaoeJxPcN645jVDbNn8Hj73o8fZ/af9mEE9j9y2YRXt5YzZWmRmzjj1/BwhTXAKzitOHEbeWlc0AVwDnCv8KoZzjotV33lTSL1HNKAuEtKM1169jM98/E6mTk3x4Nbd7Bk7TEdHRvAeVY+hmDqmZwx1kIkiqrhzS2zL+AbNMC6l/80LgHMOEY9oQvBCks5RKpXo7JhFxbhz42pet2aQet1YtLiDJAkIDq8BHwJmwlwOUaD0ojsrNKuUReIZyb9gABCHcwWFgg+0lTPyvIRToVzKWLpkMfV6REQplYvmZCj1uuBUSdJwTg8AXBdoCZMOsBkQBeGi/J83gBgjmABC8AlJGsjzFLMyaXDM1etEA0VR50iCx6mSZhkiijpPjEpQD+SF4WdJrTAewdCFB1CtVlFVVATnhMQnWJqC5aTBk+c5IIgWRoTgSZJAmiZAo1s7hwsppglI+fTiljeYnyHkLQotKIAYI4igzpFHISQOiwEnKTEG8hhRVZw6YjRQLfJGHcF7jleqTBw8znXr12MABnv37efYiSnesG4tiUsRUQwD7JIAzKsPqCqiRbVwweM04XdPjhJN+dvTBxgbn6G9q59yZx9/3HWEb33vN+zc/RzOJ+w/eJLtO8Z5ZNtT7PvHIUQTvvv9X/Lc/mN0d3by3fseRLQwvWh0Fy+h8wbQ2VFG1KM+xfuAqufo8So/fejPPD/rqJys8pvf7eLAoeNMHqnw2U9+kH3jVQ5MClMzKUla5obr13HliiEMmDx6gltvuY7Vr1nBQF8PJopQ9AFTt/AROFfMjCW9XTy19xB33Hodb924jr1j+/nDk3/nzTdei4jw3nfeyCOPbufa1y5jzeoVrcHM8HR3dfHlr/2Q+x94jFtuuh44/9B2PplXDryYLF3STXd3e+t5UXcHY89OsOH6NS2Qed7wpM1Rm50G4MGHH2P961Zy3bqreXrPP5mrzwLt5y6/cACq1eoLCKm+TN/SAebmfn8aUG83PYs7+cnPH+eqKwd5as8/edc7bi02847pmVkATk1VWbF8AOcca1Yv59DkqcYK0tCL02deACqVCldc0YdIwLmEPM9RV6NnUZlPf3wT6oqJcePN6wHhzTeu4/CRCrfctJ4sSxBRli7pYfHEMUSU97/7Th751RP8eec+Yp5zzTVXM9DfDyogBvHS6HTJACYmJnjVoq5GFw0454gCEOnoaMfiNGZFFRFxJGkbywZ6i1NWoy9kWYmbb1gHKCHApuGbisVFGyoYUswa5OR5ftF56JIBjI6OMtDfWwAQ35jnc8AVpRXBohVqUowECKqK4RBxoE0W6gvGCcEjaOEAwEQWdpgbGxujt7erOLO2mk3R8i0Wz9EiuUGz+qlKEQEUaJbI4lTHmTVePKgWzpDGJGpc8CDTlEsuo88++wxXDA0UIUbAOP23KGZKjI48KnkuhcbiPbPCOBoeBikOLk2VxjqNRilaAEqSZGEAbN261bZt+zW33XY7IAXXm6Ou0YhIMamaaUOl5WRrzg00viuKWWxpQUOHNAZFQRpD48Xlkig0MTHBB95zG+VSylz1KCbWyDOh2XyK+56IqjWMKigkUnzWnPPFFFRRLZ29SQRUELOGY4pZ6LKOlM07mZ07d/KOtw1TcB4sGkTDiDQ9K1IkrKeYmQC08d7pZLSiRBpE5s7aS0XAHFEKAGY51Wr18g80Zmb33nsvX/z8XdSmj2AWOXhwkrxe46+79jB55Dh/3T2GxUhHextdXW2sXN7PNWtWIQKDA71FFBoAjIgQkVg/a5+oHrU5zIznDhxk964xKpXKggAoTlWW8+OfPorlOQ//cjsDy1bS2dFOW+diVly1iL6+Pqanpzl5qsL4pPHwN3/G1InDlMsZ7Z1tDA30cfWqIa5dexV9fb2YnT7UTxw4xsHJo4yOjfOP8QOMjx/k4OQx7r777lY0zycXvJ02M4sxMjg4SL1eR0TYsGEDw8PD9PX10d7ejogUN3a1GqpKCIE8z5mdnUVVqVarbN++nba2Nvbu3csDDzyAqrJ8+atb+zjn6e/vZ/Xq1axatYq1a9fS29tLlmUMDQ1RKpXOm9EXvV6v1+tWr9eZnp5mZmaGWq1GjLHF62aiNZ+bnPfe45xrvTZzxMyYmZk56+LXzKjX661DvHOOJElIkoRSqYT3/vLvRlW15eHCa4VxzdvmpjZDfubzuXeb3vuzqCEixBhbo0NTkyS5PAr9L8j/96+U/w3yCoCXW14B8HLLvwDd67nwZIEPdgAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.warning {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAMVUlEQVRogdWZeXDVVZbHP7/f27JBwtJIiCERRFlbx5FuHRrRBgtBsRIwCCOrFmGmiDBjYVNlQlgiQjU6IjI4xLJxGf5QGp0Cbaftsu3Rhu6aYXqgLZoWEsjyyDP7S972e7/l3vnj5cW3Ji9M/zOn6lRS997fvd/vueece+59ipSS/89iv5mPZEQQQsS23RQARVEAUFUVRVFQog0ZyogJSClld3c327Ztw7IsLMuKto90KgBsNhtVVVXMnj2bvLw87Ha7HBEJKWXGKoSQXV1dcsuWLfLSpUsyKkKIIdWyrLTqdrvlU089Jc+cOSM9Ho8Mh8NSCCEzxTRi8JWVlbKtre0vAt6yLGmapmxtbZXr1q2TZ86ckW1tbSMikTH4GzduyKqqqkHwsSA1TZOhUChOg8HgoBqGIQ3DSAk+VleuXDliEspwviullD09PbzwwgscO3Yszt91XScQCNDZ2YlhGIPfuFwu7Pb48FJVlZycnEG/z8/PRwiBqqqDYzweD88//zyrV69m7ty5jBs3DofDMWRgD0lASik9Hg979uzh2LFjcYEaCoVob2/n2q9+hbZ585BGSCWltbVMr61NtSYbN25k7dq1zJkzZ1gSaqrGWPD79+9PAh8MBuns7OTie+8R2rwZCYOaqTTt3cuf6+qSwAMcP36co0eP8vXXX9Pd3Y1hGMg0lk65A1HwdXV1vPHGG0mW7+jo4A8/+xn2BAAAI0riQOnu3cyork7Zt3btWtavX89dd92VdieSCEgppdvt5sCBAxw5ciSuLxQK0dTURMOHHyJ37hwh1NSiAKU7djDzxRdT9q9YsYJt27YxY8aMlCTiCEgp5eXLl6mvr+fVV1+NmygYDNLW1sY3J09ipLEYQDPw2sBfCTwMLARKgKwhiNxWU8OsXbvi2qLYnnzySSorK1PvRGyqvH79uty6dWtSLg8EAvLKlSvyo1275M8hSV8H+eMBvRPkP9Vslp0tV6W3u12+c7hOTgT5NyAXgtwE8gTIUyn0D9XV0jAMqet6klZUVMjPP/88KcWqUcs3NjZy+PBhDh06FGeFqNtcOnECY8+euICVwDWgFtj/m1/wD+8f5xtg6uy5ZI+5BSkkU6fexgu7tvLWhd/x1tXL5P/905wAggnzSODavn388Sc/SblDL7/8Mq+99hqXL1+OC2zb7t27uX79+u7Dhw+ndJvW1lYaP/qI0EDKS1z0XeDjC7/l9llz+d6EWxjv0imdcgeFRcVofR46vm1Cx8ndP5hP3qjR/GDuX/GbC5/iberl1qirxGjv73+PYRjc8tBDcVhGjRpFRUUF27dvp7i4mPz8fFwuV2QHVq1aldLyDQ0NXDt5En91NRIQCRqNHld2HsLUCfu6GD9mNIoVQggDy9RQpYLTbkdV7Vh6CH9vJ/fcfz/vALsAN2AlzHv1wAEu1tTExUI0Hl555RXq6upobm4mEAhECEyePDkOvK7rtLS0cOP0aby1tUnAo2oNkFAUSTjoRfN+ix7wgjRBShACVVFQRGSkHvTypwtnmXHPQhrbb3D0k1McAdpiDBLVhp/+lIvV1UlV7oQJE8jNzcXtduPz+ZIPMtM0aWhooPH99+mtrU1ymVRqUxUQFlJYSBFGCivGOSyEaSCFAGlhd+Vy7w/n43BmM3POXWx69hl8AyMTDXTl4EEu7t2bCBGAQCCAruupCdjtdrp3705r+ViN22YhsUwdyzRBCpACyzIRMnpngCxXNjYlMk4L+ggoYXxp5pbAlX37cDgcSQSEEAxmoVgQg/9nAP67bVdAUcFmQ3W6IgtIiWUKLCGwLGvQj69e+m+EsBB6iGB/N/3e9oyNlIgRYm5kiR2JH0L6MkFYEi0UQKAycdJUbIodT3Mjpu6n3xfCptoRlomQCqZpRkhLCykMhLBQSV1HJbalKnvSF3MpNO0OSIEwDWyuPCaVzCRv7ER8Ph+mtJM35lZsdjvuxktYhobDkYOCgqJEDWLLaAfSVc1p78SJO2AAvUBggLUNKIx2Kgqjv3crY2wOiqaqKKoKihKJCctCC/npbW+jq7sbS7UjkGCZCCkQQkdJsV6mRWHGBH4HLHpxF3LcGDq6u7nw2S85++V/4gb0kB9hFoAZwuZwgc2BqjpQVRWbzYXd4cDlysHn7WJi0W2EfH24XA6EjKySqhTPtDRPIjB4XUtoPw3sKV/O+KJipJT4V63mq3/7Obu21/LN/5xl9l/PIys7G2fOaBS7E5vNQrU7UW0KNlUFp5P8MeO5/8HFhPo7CXr7MMIaQW8neSkMlqnEEYj1s8QJbwXaWpopmDgJh93OqHGFLFy9jjunTeHNo2uAvUy54/uMuaUYV24BUpVYpoVEwaY4UVUbitNJ9ugxOBw2tEAPfX29QCjuVB9OEmNBTdeRGEj3A56OdkwtgDDCCKFjz8ql6N55/G3VcRouX+SXH72Ht6udcCg4cJiJSPIn8oCloIKUKAhURUUIiVCjx128pjtrEiVtFkrMNNOBA+s34XG3YIRDSMtAkSbOrDzuvOchHnmiklEFY3n76G7Of/nv9Ht7EMJCSjGoljCxjOBAnaSjhYPowevDZrx04FMSGLwnJEzmAOYCn33wAUYoiGXoSMsEoeNwZTO2aDrzFpWxck0VJVOn4fd2E/T7oneNyOFlGkjLwNTD6FoILRQEa/hDcyhJIuB0OlFVNeVE04B3XjnC+d9+hRYKYJlhpDBBGDidDiaUfp/xk24nJ3c0eaPzsKsgzEhtZJkGIuzDNDRCAR99fb309XYhNAYPsnQ6IgJSSgoKCihavDilJZ4Aajf8HVf/fAnLCCNNAyktECaqIsgbV8So0WMHrn2RGLBMHREOYBg6eiiIFgzQ7/US8vmYoEDuENa/u6oqcwJRPysoKOC+N9+kcNGiJGvkAQuADY+twn3tCuFg/4CVDbB0VKHhzHbhdGVhs6kgDKTuR9f86KEAWtBHd0c73p52pB5Av5KewJxnnmHeoUOEw+EkjHEEYi8MEHlFKyws5IfHjlG4cGHSxJOA1cATPy7nT388j+73YoYDCEuP1DhSRrKOlFhmmLAWQNMCBHw9tHtu8K2nBcsI8uGxf8HoiRBINNTtjz7KQ/X1xL6iRDHGvubZAfr7+1Nuz+TJk6G+nv/atInmX/86rq8AWAlUrahk/Fio/8XHjM4fi93pHCgRFCzLQtd1tFAQLeCjs9NNb4cHxdL44J8PozfD7XyXRqNy97p1PPz220gp0XU9zriKogw+SaqqGtmB48ePU15enkRASklRURH31tcz6cEHk1JrAfAUcEcPLLjvMU69/694uzsI+X3093TS5blBl8eNt72VHk8Tfd9eR+vv4MQ/HkZpiJwttgTL3/Hoo2nBNzY2smjRIhYsWEBBQQEulyvyLuT3+2VTUxM7d+7k5MmTKXNuS0sL555+mtYvv0zqE0A7kavhqFL4oAlCCWOygGIiqTiHyMnuTBgz/bHHKDt9GillnN8D+P1+ysrKWLJkCdOmTWPWrFmUlpZGCAghpN/vp7m5mZqaGl5//XUKCwtJFLfbzX+sX8+Nr75K6rtZiXr49KVLKf/4Y4QQ6LqeBP6RRx6hvLycadOmMXPmTEpKSsjNzf3uZS6WRHV1NadOnUpaTEpJa2sr5zZupOkmSaQqk2csWcLyTz4BQNO0uL7GxkbWr1+fErzNZlMGw1lVVSUvL4+SkhL27dvH8uXL8Xg8ceABiouLue+ttyieN2+IK2Z6TRx/5+LFacE3NDRQWVmZFjwknAOxJF566SW2bNnChQsXkmKipKSEB959l9vmzcvo1pZOpz/8ME98+mla8Bs2bGDZsmVpwUOa5/VEd0oXE319fXxWXs43Z88m9Q0n03/0I1YPJIRE8OfOnWPHjh2UlZUNCT4tgUQSO3fupKqqigceeGCwP/a7VM8emUg0VcbK+fPn2bp1KytWrBgW/JAEEknU1NTw7LPPMn/+/GFBZQI8lZw/f57nnnuO5cuXM2XKlGHBD0sgkURdXR2PP/44FRUVNwV+qP7Tp09z8ODBjNxmRAQSSRw4cIBly5axdOnSvwh4RVH44osv2L9/P2VlZRlbfkQEEkls376djo4OQqHE83bk4nK5EEKwZs0aSktLRwR+RATgOxItLS1cu3aNvr6+wTfK/4tEfzeeMmUKkydPzhg8jJAAREgEg0H6+vrQNC2pFL8ZUVWVrKws8vPzycnJQVXVjH/s/F/lgJiyQFHragAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.important {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAALa0lEQVRogdWZa2wc1RXHfzM7O/teP9e1vXHSmEdjx3YeDkkaF6REKRRCEDSEFNkRjdSWSsgC2iqoRWqLQKiqIBg1NOQDiMeHtkQIQkRRS9S4aWwgCQoUgl232KkT28J21l6vd3d2dx79sDuTXdtre03Uqlc62tl53Pv/n3PuOffcKxiGwf9zE//XAL5sk65WR0a6AaDrOjMtKwgCoigiCAKCIAhXa9wvTcAEHhoc5KMjR7jw3nucf+MN67k/GCS4YQOr77yTpl27kGUZm81mXC0ywlLnQDbwEwcO0P2b3yz4jV5RwZq2Nm5/5BH8fj+SJGGz2b4UiSURMAzD0DSNEwcO8MdHHln8d0AcsAUCfOe551h7yy04HA7sdvuSrVEwAV3XjdDgIC/v2cOl06dznqWAJCAAMvn9MwlEgF1PP8037rsPt9uN3W5fkjUKIqDrujF+4QLP3XQTU0NDOc8UIAa4y8sJtrQQqK/H7XQSfv99Pn/nHQRRxNB16/0EEAUatm9n76uv4vP5cDgcBZNYNIF84I0MEK20lIZvf5sNe/dSWlqK1+vFxBEZHubT3/+evqNHmR4dJRWP55BevW0bra+8gt/vx+l0IknSokksikA+8ElgClixYwc3799PZWUlTqczbz+x0VFOPvEEQ6dPE/niCwxdt0jUbd1K68svU1xcXBCJBQnMBz5eWkrL/v2s++Y3KSsrQxQXlxc7f/5zBjo7CQ8NoadSKKQn943t7dyyf79FYjHuNC8BwzAMVVV56Z57+OzNN3PAJ8vK+FZHB2s2b55X6/nahRMnOP7TnxLOKEXJyO2/+hVf37uXoqIinE6nmfzyksirMjNUvvGjH+WAVwG1vJxbDhxg1bp1uFwuMwQWJCu3bWPN3r24SkoAcGbA/OXXv2bws8+IRqOkUqlZGX1RBAzDMHRd51+nTvHewYNX7gPTQMO+faxav56SkpIlgTdlU3s7TXv2IGUs6AGioRDH2tuZmJggFouhqirGPCzyEUBVVX7X1pZzPwI0fP/7bNmzh7KysrzADh8+zP3338++ffs4ePBg3vdEUWTDD3/IsuZmRLsdW4bEpd5eOp99lnA4jKIoaJqWl8QsAqb2Txw4kDNp40BxXR0bWlspLy/PC+qZZ55hdHQUSZIYHByko6ODxx57bBZwcy3kq6xk6y9/ib+qCgQBmbQ7nT50iIs9PUSjUZLJJIZhzEliLgKMDQzwp5/9zLqnkQ51W3/xCwKBAE6nMy+B3t5exsfH6ezspLe3l3g8zuHDh2cBz5bKpibWtrXhLi0FwA3owNsPP8zExATxeBxVVecyQC4Bc+L+taNjluvU33031dddN6/2BUGgpKSE/v5+JicncweaA3i2tDz8MIHrr0eU0gsQBzDW10ffyZNEIhESicScrpRDQNd1xgYG+OC3v7XuJQBXIMDWn/yEioqKeUGMjY0hCAKKoszS1MjIyLzfAmx/4gmKli0DQcBJOmicfOopJicnicfjJoG5LWBq/+Szz+a8oABNe/bgdrvndR1BEKiqqiIejxOLxWYRCAaDC0alqjVrqGxowFNWhkDalUKff07f3/5mWSFTLFksLAK6rjN+4UKO9lXAUV7O2tbWeaNOthZlWZ4FHlh0aN3y4IPIHk+6L8AGvNfRQTgctuZCthVEU/u6rnPutddyBk0A9bt3W4us+QY2fbyurg6v15vTzw033LBoAsHmZoLNzdgcDgBcQKi/n391dTE9PU0ymcyxgkmAVCrF+4cO5WjfFgiwfoGwOTOylJWVUVtba1mkUAKCILClvR1veTkA9owVPnzllZy8YFnA1H5/dzfTw8PWgziwcutWfD4fsiwvCNyUxsZG3G43lZWVVl933XVXQQSq161j+ebNlhXcwBdnzxIOh60lhmkFEUDTNP7++uvWgBrp6mrNHBk3H/BsAtFoFEdm8GAwyMaNGwsiIAgCjbt346uosKwgAp8cPWolNj1THInmsqHn6FGLQApY1thIxcqV+Hy+WX6+0ETesWMHLpcLWZZ54IEHCgYvCAKrbrsNyem0JrQEXMzkhKzlBaKu61z+97+ZHhnJmbwrtm2zJu5CWp8pra2tNDU1sXPnTtrb25dEQBAEvrplC57MXJCB8XPniEQixONxa6Uq6brOQHd3jvvoQP2ttxZUpMxsL7zwwpK+AyxLXrt9Oxe6uxFEEXvGZc4fO0bVD35AMplM1wuapjGYtbugAp5AgKLqaquu/W/JTEs37dqFqihWzSADk8PD1jzQNC3tQtmrThUINDbm+H4h0tfXx6OPPsodd9xBW1sbPT09BQPPluu2b7fWRxIQ6usjFotZBCRN06wZbbZAfT1FRUWWKQtpzz//PMPDw/T09DA1NcXo6CjHjx+f11Xma95AwHJjEdB0HUVRrhCYuRGrAiXBoFUqFtq6u7sZHx9nJBMUurq65uxnsX0Hm5v56A9/ANIJLXrpEolEwgqlUqZQyPlo6OOPlzx5ly1bxnBWQmxpackBW6hSBEC02axrpqasNZGmaek8kN0kYPDjj1FVdUlz4Mknn6Surs4Cb5aUhYZiUy59+GGOgm3V1WiadiUPCILAV9autV5wAaM9PXQeOWJprBBpaGjgxIkTpFIpOjs7aWxsXBJwUwZOnUKZmgLS2zl4vUjSlV1XURRFqtavv3IDKAVe/O53efPxx69aSCxUBs+c4dV77+Vyfz+xy5eBdG3iX7ECm81m9S2JokiwuZmiujrCPT1AuqgOAqcef5zzL77Imt27uemhhyipqVnYZ5cw8bPbR0eOcOall7g8MEB4aIhEJAJk9qOAwKZNyLJsHpQgRKNRIxQK0XPmDH/+3vdQQ6G8na/YtIk199zDypYWVmzceFWAT1y8yMWzZzn/9tv0vfsudqeTlKIQHRvL2QSOAqU7d/K1W2/l2muvpba2Nl3iJhIJIxKJMDw8TO/Zs3zw4x+jTUzkHVCw2fCUleHw+QiuXYu/upqqhgb8VVUYhkFNczPFweCs7z556y3r+vyxYwiiyD+PHwdBwNB1krEYhqYRC4UwdB2D9LJmmnRtXHz77VTfeCPLly+ntraWmpqa9MaaqqqGoiiEQiGGhoYYHBzk00OHiHR2LkqDNlnG7nJhd7nQswqN+ZogiuipFMlYDDWRgBl5KEF6woqAUFFByc03U756NZWVlSxfvpyamhoCgQAejwdB13VDVVVisRihUIiRkRGGh4cZ+sc/GO3qIt7VhZGJAle7mVpWuVKDCBng8jXX4N68Gc8111BUVER5eTnV1dVUV1cTCASuFFqGYaDrupFKpYjH40xMTDA+Ps7Y2Bjj4+OEw2EmenqYPneO1OAgZCWpxTY9S9QMcLhyHGUDRI8HqbISZ309zoYGnE4nHo8Hv99PaWkpgUCAiooK6/DE4XCkI1HW2a6hqiqKojA9Pc3k5KQl4XCY6elpotFoetukv59UKIR66RLToRBJTcMYHUWIRvMSMPO6rbY2/SsIOFatQpYk5NWrkSQJWZZxOBy43W68Xi9+v5+ioiJKSkooLi7G5/PhdruRZdnads85HzD3hpLJJIqiEIvFiEajRCIRIpEI0WiUWCxGPB631iOKopBKpazUbi4Oc7Y+snKCzWbDZrMhSRKSJGG3262w6HK5cLlceDwevF4vPp8Pr9eL2+3G5XLhcDjMkxuETNibdcBhnv9qmkYqlSKZTJJIJFAUhXg8jqIoKIpCIpGwSCSTSVRVtWSuk3qTiAnebrfngHc4HDidTpxOJy6Xy7qWZdk6wZzrxCbvCY1JRNd1NE3LAWgSM69ngp+PgCiK1gF3NhFTzHvmO+Y3wCzw8xLIJpL5tYCZpEyw2f/nWt1ag2UtM0x3Mq1iAp1j+bH0M7KFCGWDnfmbd8AMnuxfUzL/C0rp/wFnFd4nEQn3XQAAAABJRU5ErkJggg==") no-repeat center center;
+}
+.icon.caution {
+  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKdUlEQVRoge1Ze1AV1x3+zt279wEiDWCYGzRVktqa1MEmmtbWR22ncXxUrTDWV/5IqG2wUAUfmUwSkk6V+EAJCEQC6figwZBqZtRxqukftebRZBpFG1S0hiRErwiaKK977+6eX//YPXt37+UiIJlMZnpmdnb33PP4vt97z2VEhG9yc3zdAO60/Z/A192+8QScX8Wifr+fWltbzffU1FT4fD72Vew15ASampqovr4eBw8eNPvGjRuHzMxMmj9//tCTIKIhu958801yuVwEoNdr48aNNJT7EdHQEdi/fz/JshwTvLiKioqGlMSQLFJfX0+MMRvQsWNSqXLzH2jez78fRWLTpk1DRuKOF6irqyOn02kDOP8XGdTz+VFSP91Hatu79NRvZ0SR2LJly5CQuKPJtbW1JEmSDdivHp1AwctHSblYSsqFElLOF5PavIvWZU+LIrF169Y7JjHoibt3744CnzXrIQpeOUbKhVJSmkpIPV9MyrnNpJwtIuVSNa15/MdRJLZt23ZHJBjRwIu5N954gxYvXgzOudm3aO5E1L5SBNZ1HoxrINLAyH6HJxVP/WkXtu9+37ZeSUkJVq9ePagQO+BMXFNTEwV+ybxHsPeVIjg6zwOkgSWNhuOuUUBCKhxJY0AggDSgpwWbn1mO1csftq1ZUFCA0tLSQZXFA0pkVVVVlJOTA6vWsmY9hF07N0AS4OU48LgRWLO+FPFxboxMS8G5hlPYmPMI4jwM1P0Jtj67DJyrKHvtNADdjPPz8+FwOCgvL29gmuivrVVUVESFyqxZD1PoyjFSL+7QHbapmJTml+n9EzVRtl676ZekNKwl5VQ+KSfzKHR2E+UutodYxhiVl5cPyCf6ZUJlZWWUm5trk/wTi6bgtVdf1M2Gq2DEwUgDNBWhUDBqjfSRwwGoIOEP3c3Y/uxirFw0zibMvLw8VFZW9tucbkugoqKCVq1aZQO/YslUVJU+D9bVBIDroLgK4hygEDweybYGY8AD6d8yftfASL+j+2O89NwiPJk51kYiNzcXO3fu7BeJPgkUFxdTbm6ure/JZdNRub0QrOMcGFcBrgLgAHEAGqD2ID7OZZszJi0RcR6HAV4DkaqPJxXouoSywkz8buF9NhIrV65EVVXVbUnEJHDixAlat26drS9n+U+xo/hZMMNhyZA+uAbAIKOGMCJlmG3eA/clAYaJEamGBlRdC6QBXZewo3AhVswfbSORk5ODDz/8sE8SvRLw+/1UXV0dBb5MgOe6LUNIEqpOwgCUlOCESw4HuAfG3KX7B2kAGaTJ0Jro77yI8ucX4DfzRtlIHD58GH6/PyaJXgk0NjZi79695vuUiffrkr91Vt8cHAwc4FZJGiZEKqDcwsi0ZHP+d749POy8MS7iGtBxARWF8/CDsQnm3BdeeAHWj6N+EYhspSVbgI5zYYkZGmAwzIEbwA0tUM9NfO+7aeb89HuGRQBWLcSNZxj3zvOYMzk5NpjBEHi99mXD5lXdjqGDJh42h7CEOXhnK3448X5z/shUb1jSpIEM8yFuzOUcjAsNcnR0KXdG4MEHH8TEiRPN9z0H3sfRE41m+GNcs9i0LjkGTTcrUoGem5g7/V5z/ohElw4O+jxGYQ3qJqmBjN/+cbINtcfCJvPYY4+hr3qtVwI+n49lZmaa71fbbuH3hX/FycbPQKSCoIIMQEQcehjVo5Gw8/F33cSvH03H2HuHY1icQzcvYWKGIMiITMwQwjtnruPpqk9w/ZZq7p2RkYEJEyaAYrCIWY36/X7KyMhAW1ub2XfP3Qmo3ZKFaQ+P0gmYIdSoOkU4lWSwxGRAdqHL/xm86k27w0blAw3/PncD6yo/xrsfdZj7paSkoLGxESNGjAgDZsxWK8X0AZ/Px44fP460tLAzXrnWgUX5r+PYuxf1mG/Gf80sofWy2YuWbg/+uONtPLHhPRw+0WIHL8hbwG95rcUGPiEhAYcOHUJSUhI456YZRWqiz+8BIqLm5mZMmjQJN27cMPsTE9zYtWE25k4bYzh3mABIBRwOHPgPx+LH/6yDiXPi6pHZcEpk+I5qmtGpCzdQecCPPUevmevLsowjR45gypQpcDgc5mVowKaJmBoQTEePHo2GhgaMGxcuum52BLHsqUOoP3oWgLB9Sz7QgpgxJoThw/SSIutnaXBKZEpcgD998Uvs+3ubDbzT6URNTQ0mTZoEVVWhaRo459A0TeCy4etVA+JH8RvnHK2trZgzZw5Onz5tjnPJDrxSOAPLZt1nSVIqwDmIVJw6dx1nLt3A3J/cjZThkhE29cvf3o2KA59ja91lcz3GGDZv3oylS5fC7XbD6XTC6XRCkiRIktS7Jm5HQLDXNA3Xr19HVlYWPvjgA4vEGLav+RHmTxsJX4rb8AsO4kbOIG6GzTD4HvzlmB/PVH9q2zc/Px/Z2dnwer1wu92QZRkulwuSJEGWZZMEY8wkEGVCVvCCAOcciqIgPj4e+/btw9SpU83xqkpYteU9HHm7Bf62rnC2RjikisTFSMPV9m4ceucannvVDn7p0qVYuHAhgsEggsEgQqFQlAlZnVm0PjOxIKFpGogIqqrC5XKhuroa06dPt4wDcl78F+qPNeNKe6cRoTjsZYOKK+3dON7wBQrKm2H5pMbMmTOxZMkSBAIB9PT0oKenB4FAAIqiQFEUU4hRRyq3I2AlIZ4553A6nSgvL8fs2bNtY9eVNaDub58YmhDZWpe+v70bJ5tu4clt/4WihqU4efJkrFixAkRkAg4Gg1AUBaqqmuDF/pGtX7WQNXeIZ0mSUFRUhAULFtjGPl3ZiJdev4QrbZ16zUQqrrZ342JLN5ZvaEJ3ICz68ePHIycnB5qmmZIW4EOhUJTZWEKo+Rx1KsEYY9Zk4XA4IEmSKXnOuRkVJElCYWEhvF4v6urqzDVK9n2Mzu4Qnl5+L9q/7MHltgBWbr9kA5+eno7c3FzIsoyI5GrTeCzgosU8VmGMmSGLiEwSsixH2WNBQQEA2EhUH/wc7330BaaOH479/2zHtS/CFabP58OaNWvg9Xp1EE4nZFmGLMtwu93wer1wuVy2ECpJko2IiTNWJrZGI+HEwi6FisUVCAQQCASwZ88eVFZW9lk9JicnY/369fD5fPB4PCbo+Ph4k4TH44HL5YLX64XX6zXH9EKE9aUBRkTEGLNJP1Kd4nI4HMjOzkZ8fDyKi4ttJ3eiJSYmYu3atRg1apQJzuv1wuPxwOPxwOFwmEBFHnA6nXC5XGYSiywlbns2SnoDANN0hMNZnS0UCpkaOnPmDN566y20tLSY2ktLS8OMGTOQkpICt9uNuLg4M2EJ8CJZSZJkZmFBwkrAWpH2+3BXEBEkRIhTVdVMOCL5qKqKy5cvQ1EUaJoGVVWRnKx/Jlpt3eVy2QCKu9C68AFr9o0spwd0Oh1ZYggCIlNaiQktiXdhZgKQABcp3ci7LMtM7B0JfsAErJoAYItG1mdr+hfvVlACtHDIXkploYXbHvQOikDEe6/ZmjFmAhf9ZvJxOk2Qol88W4kYz32SGNQfHLG+TyMTkAVEr88xQfVnkBg7GAKixSIykDYQsL21/wFkW/B5QqT9lwAAAABJRU5ErkJggg==") no-repeat center center;
+}
+</style>
+
+<style type="text/css">
+.deck-container .deck-toc {
+  position: absolute;
+  z-index: 40;
+  top: 0px;
+  bottom: 0px;
+  left: 0;
+  right: 55%;
+  padding: 0.625em;
+  display: none;
+  background: #ccc;
+  overflow-y: auto;
+  overflow-x: auto;
+  background-color: #DDE4EB;
+  border-right: #A9A9A9 solid 1px;
+  width: 500px; }
+  .deck-container .deck-toc ul {
+    list-style: none;
+    margin: 0px;
+    padding: 0px;
+    font-size: 1em; }
+    .deck-container .deck-toc ul li {
+      white-space: nowrap;
+      padding-left: 0.8em;
+      font-weight: normal; }
+      .deck-container .deck-toc ul li#toc-0 {
+        font-weight: bold;
+        padding-bottom: 1em;
+        padding-left: 0px; }
+  .deck-container .deck-toc a {
+    width: 100%;
+    display: block !important;
+    text-decoration: none;
+    color: #595959 !important; }
+
+.deck-toc-frame .deck-toc {
+  display: block; }
+
+@media print {
+  .deck-toc {
+    display: none; } }
+
+
+.deck-container .deck-toc li a span{color: #888;display:none;}
+</style>
+
+<style type="text/css">
+.hidden{ display:none; }
+#help-text{
+    border: 1px solid #CCDDEE;
+    box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
+    border-radius: 10px 10px 10px 10px;
+    background-color:#FFFFFF;
+    position:absolute;
+    z-index:4;
+ }
+
+#help-text dl {  padding: 0.5em;width:600px; }
+#help-text dt:after {  content: ":";}
+#help-text dt {  float: left; clear: left; width: 160px; text-align: right; font-weight: bold; color: green; }
+#help-text dd {  margin: 0 0 0 180px; padding: 0 0 0.5em 0; }
+
+
+@media print {
+  #help-text {
+    display: none; } }
+</style>
+<style type="text/css">
+#breadcrumb{
+    position:absolute;
+    top: 0px;
+    padding-top:5px;
+    z-index:4;
+    color:#BBB;
+    font-size:16px;
+ }
+#breadcrumb h2 a{ text-decoration:none; color: #999;}
+
+</style>
+<style type="text/css">
+section.large-black-slide,
+section.black-slide {
+  background-color: #222;
+}
+section.large-black-slide h2.section-slide {
+  font-size: 11.518865600000003em !important;
+  text-align: center !important;
+  color: white !important;
+  width: 90%;
+  margin-bottom: 0px;
+  line-height: 1.1em;
+}
+section.black-slide h2 {
+  font-size: 4.4em !important;
+  text-align: center !important;
+  color: white !important;
+  width: 90%;
+  position: absolute;
+  top: 20%;
+}
+section.large-black-slide a.deck-prev-link,
+section.large-black-slide a.deck-next-link {
+  display: none !important;
+}
+section.black-slide a.deck-prev-link,
+section.black-slide a.deck-next-link {
+  display: none !important;
+}
+section.typewriter-slide {
+  background-color: #FCEAB1;
+}
+section.typewriter-slide h2.section-slide {
+  font-size: 4.4em !important;
+  font-family: "American Typewriter", monospace !important;
+  text-align: center !important;
+  color: #111 !important;
+  position: absolute;
+  top: 25% !important;
+}
+section.typewriter-slide a.deck-prev-link,
+section.typewriter-slide a.deck-next-link {
+  display: none !important;
+}
+</style>
+
+
+<style type="text/css">
+/*
+  pygmentize filter
+*/
+
+table.highlighttable{ width:100%;}
+td.linenos { width: 80px;}
+.highlight .hll { background-color: #ffffcc }
+.highlight .c { color: #808080 } /* Comment */
+/* .highlight .err { color: #F00000; background-color: #F0A0A0 } */  /* removing the Error class */
+.highlight .k { color: #008000; font-weight: 600; } /* Keyword */
+.highlight .o { color: #303030 } /* Operator */
+.highlight .cm { color: #808080 } /* Comment.Multiline */
+.highlight .cp { color: #507090 } /* Comment.Preproc */
+.highlight .c1 { color: #808080 } /* Comment.Single */
+.highlight .cs { color: #cc0000; font-weight: bold } /* Comment.Special */
+.highlight .gd { color: #A00000 } /* Generic.Deleted */
+.highlight .ge { font-style: italic } /* Generic.Emph */
+.highlight .gr { color: #FF0000 } /* Generic.Error */
+.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
+.highlight .gi { color: #00A000 } /* Generic.Inserted */
+.highlight .go { color: #808080 } /* Generic.Output */
+.highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */
+.highlight .gs { font-weight: bold } /* Generic.Strong */
+.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
+.highlight .gt { color: #0040D0 } /* Generic.Traceback */
+.highlight .kc { color: #008000; font-weight: bold } /* Keyword.Constant */
+.highlight .kd { color: #008000; font-weight: bold } /* Keyword.Declaration */
+.highlight .kn { color: #008000; font-weight: bold } /* Keyword.Namespace */
+.highlight .kp { color: #003080; font-weight: bold } /* Keyword.Pseudo */
+.highlight .kr { color: #008000; font-weight: bold } /* Keyword.Reserved */
+.highlight .kt { color: #303090; font-weight: bold } /* Keyword.Type */
+.highlight .m { color: #6000E0; font-weight: bold } /* Literal.Number */
+.highlight .s { background-color: #fff0f0 } /* Literal.String */
+.highlight .na { color: #0000C0 } /* Name.Attribute */
+.highlight .nb { color: #007020 } /* Name.Builtin */
+.highlight .nc { color: #B00060; font-weight: bold } /* Name.Class */
+.highlight .no { color: #003060; font-weight: bold } /* Name.Constant */
+.highlight .nd { color: #505050; font-weight: bold } /* Name.Decorator */
+.highlight .ni { color: #800000; font-weight: bold } /* Name.Entity */
+.highlight .ne { color: #F00000; font-weight: bold } /* Name.Exception */
+.highlight .nf { color: #0060B0; font-weight: bold } /* Name.Function */
+.highlight .nl { color: #907000; font-weight: bold } /* Name.Label */
+.highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */
+.highlight .nt { color: #007000 } /* Name.Tag */
+.highlight .nv { color: #906030 } /* Name.Variable */
+.highlight .ow { color: #000000; font-weight: bold } /* Operator.Word */
+.highlight .w { color: #bbbbbb } /* Text.Whitespace */
+.highlight .mf { color: #6000E0; font-weight: bold } /* Literal.Number.Float */
+.highlight .mh { color: #005080; font-weight: bold } /* Literal.Number.Hex */
+.highlight .mi { color: #0000D0; font-weight: bold } /* Literal.Number.Integer */
+.highlight .mo { color: #4000E0; font-weight: bold } /* Literal.Number.Oct */
+.highlight .sb { background-color: #fff0f0 } /* Literal.String.Backtick */
+.highlight .sc { color: #0040D0 } /* Literal.String.Char */
+.highlight .sd { color: #D04020 } /* Literal.String.Doc */
+.highlight .s2 { background-color: #fff0f0 } /* Literal.String.Double */
+.highlight .se { color: #606060; font-weight: bold; background-color: #fff0f0 } /* Literal.String.Escape */
+.highlight .sh { background-color: #fff0f0 } /* Literal.String.Heredoc */
+.highlight .si { background-color: #e0e0e0 } /* Literal.String.Interpol */
+.highlight .sx { color: #D02000; background-color: #fff0f0 } /* Literal.String.Other */
+.highlight .sr { color: #000000; background-color: #fff0ff } /* Literal.String.Regex */
+.highlight .s1 { background-color: #fff0f0 } /* Literal.String.Single */
+.highlight .ss { color: #A06000 } /* Literal.String.Symbol */
+.highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */
+.highlight .vc { color: #306090 } /* Name.Variable.Class */
+.highlight .vg { color: #d07000; font-weight: bold } /* Name.Variable.Global */
+.highlight .vi { color: #3030B0 } /* Name.Variable.Instance */
+.highlight .il { color: #0000D0; font-weight: bold } /* Literal.Number.Integer.Long */
+</style>
+
+
+<!-- Theme CSS files -->
+<style type="text/css">
+@charset "UTF-8";
+section.slide {
+  margin-left: 0;
+  padding-left: 2.719406674907293em !important;
+}
+p.note {
+  text-align: right;
+  font-style: italic;
+}
+div.title {
+  text-align: center;
+  font-style: italic;
+  font-size: 0.6420052911747088em;
+}
+.preamble p {
+  text-align: right;
+  font-size: 0.6420052911747088em;
+  color: #888;
+}
+h2.section-slide {
+  font-size: 4.4em;
+  font-weight: bold;
+  text-align: left;
+  padding-top: 0.13226314198078057em;
+  margin-bottom: 0.19839471297117084em;
+}
+span.big {
+  font-size: 2.719406674907293em;
+  color: #0B7495;
+}
+.deck-container .slide ol li p {
+  font-size: 1.038764561120679em;
+}
+.deck-container {
+  font-family: 'PT Sans';
+  font-size: 1.6807210598932587em;
+  /* background-image: url(''); */
+  background-size: 5%;
+  background-repeat: no-repeat;
+  background-attachment: fixed;
+  background-position: top right;
+}
+.deck-container > .slide {
+  text-shadow: 1px 1px 1px rgba(255, 255, 255, 0.5);
+}
+.deck-container .slide h1,
+.deck-container .slide h2,
+.deck-container .slide h3,
+.deck-container .slide h4,
+.deck-container .slide h5,
+.deck-container .slide h6 {
+  font-family: 'PT Sans Narrow';
+}
+.deck-container .slide h1 {
+  color: #000000;
+}
+.deck-container .slide h2 {
+  color: #222222;
+  border-bottom: 0;
+}
+.cssreflections .deck-container .slide h1 {
+  line-height: 1;
+  -webkit-box-reflect: below -0.4em -webkit-gradient(linear, left top, left bottom, from(transparent), color-stop(0.4, transparent), color-stop(0.7, rgba(255, 255, 255, 0.05)), to(transparent));
+  -moz-box-reflect: below -0.4em -moz-linear-gradient(top, transparent 0%, transparent 30%, rgba(255, 255, 255, 0.3) 100%);
+}
+.deck-container .slide h3 {
+  color: #000;
+  font-size: 2.0168652718719104em;
+}
+.deck-container .slide h4 {
+  font-size: 1.8487931658825847em;
+  font-weight: bold;
+  margin-bottom: .25em;
+}
+.deck-container .slide p {
+  margin-bottom: 0.5em;
+  font-size: 1.6807210598932587em;
+}
+.deck-container .slide .sidebarblock {
+  font-size: 0.6420052911747088em;
+  color: #666;
+}
+.deck-container .slide pre {
+  border-color: #cde;
+  background: #fff;
+  position: relative;
+  z-index: auto;
+  /* http://nicolasgallagher.com/css-drop-shadows-without-images/ */
+
+}
+.deck-container .slide code,
+.deck-container .slide pre {
+  font-size: 1.038764561120679em !important;
+  line-height: 1.2465174733448148em;
+  font-family: Courier, 'Courier New', monospace;
+}
+.deck-container .slide dt {
+  font-size: 1.6807210598932587em;
+  color: #0B7495;
+}
+.borderradius .deck-container .slide pre {
+  -webkit-border-radius: 5px;
+  -moz-border-radius: 5px;
+  border-radius: 5px;
+  font-family: Courier, 'Courier New', monospace;
+}
+.csstransforms.boxshadow .deck-container .slide pre > :first-child:before {
+  content: "";
+  position: absolute;
+  z-index: -1;
+  background: #fff;
+  top: 0;
+  bottom: 0;
+  left: 0;
+  right: 0;
+}
+.csstransforms.boxshadow .deck-container .slide pre:before,
+.csstransforms.boxshadow .deck-container .slide pre:after {
+  content: "";
+  position: absolute;
+  z-index: -2;
+  bottom: 15px;
+  width: 50%;
+  height: 20%;
+  max-width: 300px;
+  -webkit-box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
+  -moz-box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
+  box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
+}
+.csstransforms.boxshadow .deck-container .slide pre:before {
+  left: 10px;
+  -webkit-transform: rotate(-3deg);
+  -moz-transform: rotate(-3deg);
+  -ms-transform: rotate(-3deg);
+  -o-transform: rotate(-3deg);
+  transform: rotate(-3deg);
+}
+.csstransforms.boxshadow .deck-container .slide pre:after {
+  right: 10px;
+  -webkit-transform: rotate(3deg);
+  -moz-transform: rotate(3deg);
+  -ms-transform: rotate(3deg);
+  -o-transform: rotate(3deg);
+  transform: rotate(3deg);
+}
+.deck-container .slide code {
+  color: #789;
+}
+.deck-container .slide blockquote {
+  font-family: 'PT Sans';
+  font-size: 1.6807210598932587em;
+  padding: 1em 2em .5em 2em;
+  color: #000;
+  background: #fff;
+  position: relative;
+  border: 1px solid #cde;
+  z-index: auto;
+}
+.borderradius .deck-container .slide blockquote {
+  -webkit-border-radius: 5px;
+  -moz-border-radius: 5px;
+  border-radius: 5px;
+}
+.boxshadow .deck-container .slide blockquote > :first-child:before {
+  content: "";
+  position: absolute;
+  z-index: -1;
+  background: #fff;
+  top: 0;
+  bottom: 0;
+  left: 0;
+  right: 0;
+}
+.boxshadow .deck-container .slide blockquote:after {
+  content: "";
+  position: absolute;
+  z-index: -2;
+  top: 10px;
+  bottom: 10px;
+  left: 0;
+  right: 50%;
+  -moz-border-radius: 0.1px;
+  border-radius: 0.1px;
+  -webkit-box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
+  -moz-box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
+  box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
+}
+.deck-container .slide blockquote cite {
+  font-size: 0.3967894259423417em;
+  font-style: normal;
+  font-weight: bold;
+  color: #888;
+}
+.deck-container .slide blockquote:before {
+  content: "“";
+  position: absolute;
+  top: 0;
+  left: 0;
+  font-size: 4.4em;
+  line-height: 1;
+  color: #ccf0f0;
+  z-index: 1;
+}
+.deck-container .slide ::-moz-selection {
+  background: #08455f;
+  color: #fff;
+}
+.deck-container .slide ::selection {
+  background: #08455f;
+  color: #fff;
+}
+.deck-container .slide a,
+.deck-container .slide a:hover,
+.deck-container .slide a:focus,
+.deck-container .slide a:active,
+.deck-container .slide a:visited {
+  color: #599;
+  text-decoration: none;
+}
+.deck-container .slide a:hover,
+.deck-container .slide a:focus {
+  text-decoration: underline;
+}
+.deck-container .deck-prev-link,
+.deck-container .deck-next-link {
+  background: #fff;
+  opacity: 0.5;
+}
+.deck-container .deck-prev-link,
+.deck-container .deck-prev-link:hover,
+.deck-container .deck-prev-link:focus,
+.deck-container .deck-prev-link:active,
+.deck-container .deck-prev-link:visited,
+.deck-container .deck-next-link,
+.deck-container .deck-next-link:hover,
+.deck-container .deck-next-link:focus,
+.deck-container .deck-next-link:active,
+.deck-container .deck-next-link:visited {
+  color: #599;
+}
+.deck-container .deck-prev-link:hover,
+.deck-container .deck-prev-link:focus,
+.deck-container .deck-next-link:hover,
+.deck-container .deck-next-link:focus {
+  opacity: 1;
+  text-decoration: none;
+}
+.deck-container .deck-status {
+  font-size: 0.3967894259423417em;
+}
+.deck-container.deck-menu .slide {
+  background: transparent;
+  -webkit-border-radius: 5px;
+  -moz-border-radius: 5px;
+  border-radius: 5px;
+}
+.rgba .deck-container.deck-menu .slide {
+  background: rgba(0, 0, 0, 0.1);
+}
+.deck-container.deck-menu .slide.deck-current,
+.rgba .deck-container.deck-menu .slide.deck-current,
+.no-touch .deck-container.deck-menu .slide:hover {
+  background: #fff;
+}
+.deck-container .goto-form {
+  background: #fff;
+  border: 1px solid #cde;
+  -webkit-border-radius: 5px;
+  -moz-border-radius: 5px;
+  border-radius: 5px;
+}
+.boxshadow .deck-container .goto-form {
+  -webkit-box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
+  -moz-box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
+  box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
+}
+img[alt="1"],
+img[alt="2"],
+img[alt="3"],
+img[alt="4"],
+img[alt="5"],
+img[alt="6"],
+img[alt="7"],
+img[alt="8"],
+img[alt="9"] {
+  display: inline;
+  vertical-align: bottom;
+  font-size: 6px;
+  padding: 0 5px;
+}
+div.colist.arabic table tbody tr td:first-child {
+  /*may cause issues*/
+
+  width: 26px;
+}
+span.monospaced {
+  font-family: courier !important;
+  color: #434343 !important;
+  text-shadow: 1px 1px 2px #D3D0D0 !important;
+}
+h2:empty {
+  padding: 0;
+  margin: 0;
+  margin-top: 44px;
+}
+/*
+ * html5 specific
+ * copied from asciidoc.css, which is not included
+ * */
+table.tableblock {
+  margin-top: 1.0em;
+  margin-bottom: 1.5em;
+}
+thead,
+p.tableblock.header {
+  font-weight: bold;
+  color: #527bbd;
+}
+p.tableblock {
+  margin-top: 0;
+}
+table.tableblock {
+  border-width: 3px;
+  border-spacing: 0px;
+  border-style: solid;
+  border-color: #527bbd;
+  border-collapse: collapse;
+}
+th.tableblock,
+td.tableblock {
+  border-width: 1px;
+  padding: 4px;
+  border-style: solid;
+  border-color: #527bbd;
+}
+table.tableblock.frame-topbot {
+  border-left-style: hidden;
+  border-right-style: hidden;
+}
+table.tableblock.frame-sides {
+  border-top-style: hidden;
+  border-bottom-style: hidden;
+}
+table.tableblock.frame-none {
+  border-style: hidden;
+}
+th.tableblock.halign-left,
+td.tableblock.halign-left {
+  text-align: left;
+}
+th.tableblock.halign-center,
+td.tableblock.halign-center {
+  text-align: center;
+}
+th.tableblock.halign-right,
+td.tableblock.halign-right {
+  text-align: right;
+}
+th.tableblock.valign-top,
+td.tableblock.valign-top {
+  vertical-align: top;
+}
+th.tableblock.valign-middle,
+td.tableblock.valign-middle {
+  vertical-align: middle;
+}
+th.tableblock.valign-bottom,
+td.tableblock.valign-bottom {
+  vertical-align: bottom;
+}
+/* Classes to support color and font declarations in asciidoc
+eg [red small]#this text#
+*/
+span.aqua {
+  color: aqua;
+}
+span.black {
+  color: black;
+}
+span.blue {
+  color: blue;
+}
+span.fuchsia {
+  color: fuchsia;
+}
+span.gray {
+  color: gray;
+}
+span.green {
+  color: green;
+}
+span.lime {
+  color: lime;
+}
+span.maroon {
+  color: maroon;
+}
+span.navy {
+  color: navy;
+}
+span.olive {
+  color: olive;
+}
+span.purple {
+  color: purple;
+}
+span.red {
+  color: red;
+}
+span.silver {
+  color: silver;
+}
+span.teal {
+  color: teal;
+}
+span.white {
+  color: white;
+}
+span.yellow {
+  color: yellow;
+}
+span.aqua-background {
+  background: aqua;
+}
+span.black-background {
+  background: black;
+}
+span.blue-background {
+  background: blue;
+}
+span.fuchsia-background {
+  background: fuchsia;
+}
+span.gray-background {
+  background: gray;
+}
+span.green-background {
+  background: green;
+}
+span.lime-background {
+  background: lime;
+}
+span.maroon-background {
+  background: maroon;
+}
+span.navy-background {
+  background: navy;
+}
+span.olive-background {
+  background: olive;
+}
+span.purple-background {
+  background: purple;
+}
+span.red-background {
+  background: red;
+}
+span.silver-background {
+  background: silver;
+}
+span.teal-background {
+  background: teal;
+}
+span.white-background {
+  background: white;
+}
+span.yellow-background {
+  background: yellow;
+}
+span.big {
+  font-size: 2.719406674907293em;
+}
+span.small {
+  font-size: 0.6420052911747088em;
+}
+span.tiny {
+  font-size: 0.3967894259423417em;
+}
+span.underline {
+  text-decoration: underline;
+}
+span.overline {
+  text-decoration: overline;
+}
+span.line-through {
+  text-decoration: line-through;
+}
+div.form {
+  font-size: 1.6807210598932587em;
+}
+.form input[type="text"] {
+  width: 400px;
+}
+/* bootstrap forms css */
+.btn {
+  display: inline-block;
+  *display: inline;
+  padding: 4px 12px;
+  margin-bottom: 0;
+  *margin-left: .3em;
+  font-size: 14px;
+  line-height: 20px;
+  color: #333333;
+  text-align: center;
+  text-shadow: 0 1px 1px rgba(255, 255, 255, 0.75);
+  vertical-align: middle;
+  cursor: pointer;
+  background-color: #f5f5f5;
+  *background-color: #e6e6e6;
+  background-image: -moz-linear-gradient(top, #ffffff, #e6e6e6);
+  background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#ffffff), to(#e6e6e6));
+  background-image: -webkit-linear-gradient(top, #ffffff, #e6e6e6);
+  background-image: -o-linear-gradient(top, #ffffff, #e6e6e6);
+  background-image: linear-gradient(to bottom, #ffffff, #e6e6e6);
+  background-repeat: repeat-x;
+  border: 1px solid #bbbbbb;
+  *border: 0;
+  border-color: #e6e6e6 #e6e6e6 #bfbfbf;
+  border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
+  border-bottom-color: #a2a2a2;
+  -webkit-border-radius: 4px;
+  -moz-border-radius: 4px;
+  border-radius: 4px;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe6e6e6', GradientType=0);
+  filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
+  *zoom: 1;
+  -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
+  -moz-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
+  box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
+}
+.btn:hover,
+.btn:active,
+.btn.active,
+.btn.disabled,
+.btn[disabled] {
+  color: #333333;
+  background-color: #e6e6e6;
+  *background-color: #d9d9d9;
+}
+.btn:active,
+.btn.active {
+  background-color: #cccccc \9;
+}
+.btn:first-child {
+  *margin-left: 0;
+}
+.btn:hover {
+  color: #333333;
+  text-decoration: none;
+  background-position: 0 -15px;
+  -webkit-transition: background-position 0.1s linear;
+  -moz-transition: background-position 0.1s linear;
+  -o-transition: background-position 0.1s linear;
+  transition: background-position 0.1s linear;
+}
+.btn:focus {
+  outline: thin dotted #333;
+  outline: 5px auto -webkit-focus-ring-color;
+  outline-offset: -2px;
+}
+.btn.active,
+.btn:active {
+  background-image: none;
+  outline: 0;
+  -webkit-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
+  -moz-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
+  box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
+}
+select,
+textarea,
+input[type="text"],
+input[type="password"],
+input[type="datetime"],
+input[type="datetime-local"],
+input[type="date"],
+input[type="month"],
+input[type="time"],
+input[type="week"],
+input[type="number"],
+input[type="email"],
+input[type="url"],
+input[type="search"],
+input[type="tel"],
+input[type="color"],
+.uneditable-input {
+  display: inline-block;
+  height: 20px;
+  padding: 4px 6px;
+  margin-bottom: 10px;
+  font-size: 14px;
+  line-height: 20px;
+  color: #555555;
+  vertical-align: middle;
+  -webkit-border-radius: 4px;
+  -moz-border-radius: 4px;
+  border-radius: 4px;
+}
+textarea {
+  height: auto;
+}
+textarea,
+input[type="text"],
+input[type="password"],
+input[type="datetime"],
+input[type="datetime-local"],
+input[type="date"],
+input[type="month"],
+input[type="time"],
+input[type="week"],
+input[type="number"],
+input[type="email"],
+input[type="url"],
+input[type="search"],
+input[type="tel"],
+input[type="color"],
+.uneditable-input {
+  background-color: #ffffff;
+  border: 1px solid #cccccc;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+  -moz-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+  box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+  -webkit-transition: border linear 0.2s, box-shadow linear 0.2s;
+  -moz-transition: border linear 0.2s, box-shadow linear 0.2s;
+  -o-transition: border linear 0.2s, box-shadow linear 0.2s;
+  transition: border linear 0.2s, box-shadow linear 0.2s;
+}
+textarea:focus,
+input[type="text"]:focus,
+input[type="password"]:focus,
+input[type="datetime"]:focus,
+input[type="datetime-local"]:focus,
+input[type="date"]:focus,
+input[type="month"]:focus,
+input[type="time"]:focus,
+input[type="week"]:focus,
+input[type="number"]:focus,
+input[type="email"]:focus,
+input[type="url"]:focus,
+input[type="search"]:focus,
+input[type="tel"]:focus,
+input[type="color"]:focus,
+.uneditable-input:focus {
+  border-color: rgba(82, 168, 236, 0.8);
+  outline: 0;
+  outline: thin dotted \9;
+  /* IE6-9 */
+
+  -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
+  -moz-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
+}
+/* start of sasa's changes */
+h3 {
+  float: none;
+}
+.listingblock div.title {
+  text-align: left;
+}
+div.sidebarblock > div.content {
+  background: #FFE;
+  border: 1px solid #DDD;
+  border-left: 4px solid #F0F0F0;
+  margin-top: 1.0em;
+  margin-bottom: 1.0em;
+  padding: 0.5em;
+  border-radius: 5px;
+}
+div.sidebarblock > div.content > div.title {
+  color: #527BBD;
+  font-weight: bold;
+  text-align: left;
+  margin-bottom: 0.5em;
+  font-size: 1.54em;
+}
+.slide pre {
+  line-height: 1.1em;
+  padding: 0.5em;
+}
+td.icon {
+  width: 48px;
+  padding: 0;
+}
+.deck-container .slide p {
+  font-size: 1.54em;
+}
+.admonitionblock table {
+  margin: 10px 0px;
+}
+</style>
+
+
+<script type="text/javascript">
+/*<![CDATA[*/
+/* Modernizr 2.0.6 (Custom Build) | MIT & BSD
+ * Contains: fontface | backgroundsize | borderimage | borderradius | boxshadow | flexbox | hsla | multiplebgs | opacity | rgba | textshadow | cssanimations | csscolumns | generatedcontent | cssgradients | cssreflections | csstransforms | csstransforms3d | csstransitions | applicationcache | canvas | canvastext | draganddrop | hashchange | history | audio | video | indexeddb | input | inputtypes | localstorage | postmessage | sessionstorage | websockets | websqldatabase | webworkers | geolocation | inlinesvg | smil | svg | svgclippaths | touch | webgl | iepp | cssclasses | addtest | teststyles | testprop | testallprops | hasevent | prefixes | domprefixes | load
+ */
+;window.Modernizr=function(a,b,c){function H(){e.input=function(a){for(var b=0,c=a.length;b<c;b++)t[a[b]]=a[b]in l;return t}("autocomplete autofocus list placeholder max min multiple pattern required step".split(" ")),e.inputtypes=function(a){for(var d=0,e,f,h,i=a.length;d<i;d++)l.setAttribute("type",f=a[d]),e=l.type!=="text",e&&(l.value=m,l.style.cssText="position:absolute;visibility:hidden;",/^range$/.test(f)&&l.style.WebkitAppearance!==c?(g.appendChild(l),h=b.defaultView,e=h.getComputedStyle&&h.getComputedStyle(l,null).WebkitAppearance!=="textfield"&&l.offsetHeight!==0,g.removeChild(l)):/^(search|tel)$/.test(f)||(/^(url|email)$/.test(f)?e=l.checkValidity&&l.checkValidity()===!1:/^color$/.test(f)?(g.appendChild(l),g.offsetWidth,e=l.value!=m,g.removeChild(l)):e=l.value!=m)),s[a[d]]=!!e;return s}("search tel url email datetime date month week time datetime-local number range color".split(" "))}function F(a,b){var c=a.charAt(0).toUpperCase()+a.substr(1),d=(a+" "+p.join(c+" ")+c).split(" ");return E(d,b)}function E(a,b){for(var d in a)if(k[a[d]]!==c)return b=="pfx"?a[d]:!0;return!1}function D(a,b){return!!~(""+a).indexOf(b)}function C(a,b){return typeof a===b}function B(a,b){return A(o.join(a+";")+(b||""))}function A(a){k.cssText=a}var d="2.0.6",e={},f=!0,g=b.documentElement,h=b.head||b.getElementsByTagName("head")[0],i="modernizr",j=b.createElement(i),k=j.style,l=b.createElement("input"),m=":)",n=Object.prototype.toString,o=" -webkit- -moz- -o- -ms- -khtml- ".split(" "),p="Webkit Moz O ms Khtml".split(" "),q={svg:"http://www.w3.org/2000/svg"},r={},s={},t={},u=[],v=function(a,c,d,e){var f,h,j,k=b.createElement("div");if(parseInt(d,10))while(d--)j=b.createElement("div"),j.id=e?e[d]:i+(d+1),k.appendChild(j);f=["&shy;","<style>",a,"</style>"].join(""),k.id=i,k.innerHTML+=f,g.appendChild(k),h=c(k,a),k.parentNode.removeChild(k);return!!h},w=function(){function d(d,e){e=e||b.createElement(a[d]||"div"),d="on"+d;var f=d in e;f||(e.setAttribute||(e=b.createElement("div")),e.setAttribute&&e.removeAttribute&&(e.setAttribute(d,""),f=C(e[d],"function"),C(e[d],c)||(e[d]=c),e.removeAttribute(d))),e=null;return f}var a={select:"input",change:"input",submit:"form",reset:"form",error:"img",load:"img",abort:"img"};return d}(),x,y={}.hasOwnProperty,z;!C(y,c)&&!C(y.call,c)?z=function(a,b){return y.call(a,b)}:z=function(a,b){return b in a&&C(a.constructor.prototype[b],c)};var G=function(c,d){var f=c.join(""),g=d.length;v(f,function(c,d){var f=b.styleSheets[b.styleSheets.length-1],h=f.cssRules&&f.cssRules[0]?f.cssRules[0].cssText:f.cssText||"",i=c.childNodes,j={};while(g--)j[i[g].id]=i[g];e.touch="ontouchstart"in a||j.touch.offsetTop===9,e.csstransforms3d=j.csstransforms3d.offsetLeft===9,e.generatedcontent=j.generatedcontent.offsetHeight>=1,e.fontface=/src/i.test(h)&&h.indexOf(d.split(" ")[0])===0},g,d)}(['@font-face {font-family:"font";src:url("https://")}',["@media (",o.join("touch-enabled),("),i,")","{#touch{top:9px;position:absolute}}"].join(""),["@media (",o.join("transform-3d),("),i,")","{#csstransforms3d{left:9px;position:absolute}}"].join(""),['#generatedcontent:after{content:"',m,'";visibility:hidden}'].join("")],["fontface","touch","csstransforms3d","generatedcontent"]);r.flexbox=function(){function c(a,b,c,d){a.style.cssText=o.join(b+":"+c+";")+(d||"")}function a(a,b,c,d){b+=":",a.style.cssText=(b+o.join(c+";"+b)).slice(0,-b.length)+(d||"")}var d=b.createElement("div"),e=b.createElement("div");a(d,"display","box","width:42px;padding:0;"),c(e,"box-flex","1","width:10px;"),d.appendChild(e),g.appendChild(d);var f=e.offsetWidth===42;d.removeChild(e),g.removeChild(d);return f},r.canvas=function(){var a=b.createElement("canvas");return!!a.getContext&&!!a.getContext("2d")},r.canvastext=function(){return!!e.canvas&&!!C(b.createElement("canvas").getContext("2d").fillText,"function")},r.webgl=function(){return!!a.WebGLRenderingContext},r.touch=function(){return e.touch},r.geolocation=function(){return!!navigator.geolocation},r.postmessage=function(){return!!a.postMessage},r.websqldatabase=function(){var b=!!a.openDatabase;return b},r.indexedDB=function(){for(var b=-1,c=p.length;++b<c;)if(a[p[b].toLowerCase()+"IndexedDB"])return!0;return!!a.indexedDB},r.hashchange=function(){return w("hashchange",a)&&(b.documentMode===c||b.documentMode>7)},r.history=function(){return!!a.history&&!!history.pushState},r.draganddrop=function(){return w("dragstart")&&w("drop")},r.websockets=function(){for(var b=-1,c=p.length;++b<c;)if(a[p[b]+"WebSocket"])return!0;return"WebSocket"in a},r.rgba=function(){A("background-color:rgba(150,255,150,.5)");return D(k.backgroundColor,"rgba")},r.hsla=function(){A("background-color:hsla(120,40%,100%,.5)");return D(k.backgroundColor,"rgba")||D(k.backgroundColor,"hsla")},r.multiplebgs=function(){A("background:url(https://),url(https://),red url(https://)");return/(url\s*\(.*?){3}/.test(k.background)},r.backgroundsize=function(){return F("backgroundSize")},r.borderimage=function(){return F("borderImage")},r.borderradius=function(){return F("borderRadius")},r.boxshadow=function(){return F("boxShadow")},r.textshadow=function(){return b.createElement("div").style.textShadow===""},r.opacity=function(){B("opacity:.55");return/^0.55$/.test(k.opacity)},r.cssanimations=function(){return F("animationName")},r.csscolumns=function(){return F("columnCount")},r.cssgradients=function(){var a="background-image:",b="gradient(linear,left top,right bottom,from(#9f9),to(white));",c="linear-gradient(left top,#9f9, white);";A((a+o.join(b+a)+o.join(c+a)).slice(0,-a.length));return D(k.backgroundImage,"gradient")},r.cssreflections=function(){return F("boxReflect")},r.csstransforms=function(){return!!E(["transformProperty","WebkitTransform","MozTransform","OTransform","msTransform"])},r.csstransforms3d=function(){var a=!!E(["perspectiveProperty","WebkitPerspective","MozPerspective","OPerspective","msPerspective"]);a&&"webkitPerspective"in g.style&&(a=e.csstransforms3d);return a},r.csstransitions=function(){return F("transitionProperty")},r.fontface=function(){return e.fontface},r.generatedcontent=function(){return e.generatedcontent},r.video=function(){var a=b.createElement("video"),c=!1;try{if(c=!!a.canPlayType){c=new Boolean(c),c.ogg=a.canPlayType('video/ogg; codecs="theora"');var d='video/mp4; codecs="avc1.42E01E';c.h264=a.canPlayType(d+'"')||a.canPlayType(d+', mp4a.40.2"'),c.webm=a.canPlayType('video/webm; codecs="vp8, vorbis"')}}catch(e){}return c},r.audio=function(){var a=b.createElement("audio"),c=!1;try{if(c=!!a.canPlayType)c=new Boolean(c),c.ogg=a.canPlayType('audio/ogg; codecs="vorbis"'),c.mp3=a.canPlayType("audio/mpeg;"),c.wav=a.canPlayType('audio/wav; codecs="1"'),c.m4a=a.canPlayType("audio/x-m4a;")||a.canPlayType("audio/aac;")}catch(d){}return c},r.localstorage=function(){try{return!!localStorage.getItem}catch(a){return!1}},r.sessionstorage=function(){try{return!!sessionStorage.getItem}catch(a){return!1}},r.webworkers=function(){return!!a.Worker},r.applicationcache=function(){return!!a.applicationCache},r.svg=function(){return!!b.createElementNS&&!!b.createElementNS(q.svg,"svg").createSVGRect},r.inlinesvg=function(){var a=b.createElement("div");a.innerHTML="<svg/>";return(a.firstChild&&a.firstChild.namespaceURI)==q.svg},r.smil=function(){return!!b.createElementNS&&/SVG/.test(n.call(b.createElementNS(q.svg,"animate")))},r.svgclippaths=function(){return!!b.createElementNS&&/SVG/.test(n.call(b.createElementNS(q.svg,"clipPath")))};for(var I in r)z(r,I)&&(x=I.toLowerCase(),e[x]=r[I](),u.push((e[x]?"":"no-")+x));e.input||H(),e.addTest=function(a,b){if(typeof a=="object")for(var d in a)z(a,d)&&e.addTest(d,a[d]);else{a=a.toLowerCase();if(e[a]!==c)return;b=typeof b=="boolean"?b:!!b(),g.className+=" "+(b?"":"no-")+a,e[a]=b}return e},A(""),j=l=null,a.attachEvent&&function(){var a=b.createElement("div");a.innerHTML="<elem></elem>";return a.childNodes.length!==1}()&&function(a,b){function s(a){var b=-1;while(++b<g)a.createElement(f[b])}a.iepp=a.iepp||{};var d=a.iepp,e=d.html5elements||"abbr|article|aside|audio|canvas|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",f=e.split("|"),g=f.length,h=new RegExp("(^|\\s)("+e+")","gi"),i=new RegExp("<(/*)("+e+")","gi"),j=/^\s*[\{}]\s*$/,k=new RegExp("(^|[^\\n]*?\\s)("+e+")([^\\n]*)({[\\n\\w\\W]*?})","gi"),l=b.createDocumentFragment(),m=b.documentElement,n=m.firstChild,o=b.createElement("body"),p=b.createElement("style"),q=/print|all/,r;d.getCSS=function(a,b){if(a+""===c)return"";var e=-1,f=a.length,g,h=[];while(++e<f){g=a[e];if(g.disabled)continue;b=g.media||b,q.test(b)&&h.push(d.getCSS(g.imports,b),g.cssText),b="all"}return h.join("")},d.parseCSS=function(a){var b=[],c;while((c=k.exec(a))!=null)b.push(((j.exec(c[1])?"\n":c[1])+c[2]+c[3]).replace(h,"$1.iepp_$2")+c[4]);return b.join("\n")},d.writeHTML=function(){var a=-1;r=r||b.body;while(++a<g){var c=b.getElementsByTagName(f[a]),d=c.length,e=-1;while(++e<d)c[e].className.indexOf("iepp_")<0&&(c[e].className+=" iepp_"+f[a])}l.appendChild(r),m.appendChild(o),o.className=r.className,o.id=r.id,o.innerHTML=r.innerHTML.replace(i,"<$1font")},d._beforePrint=function(){p.styleSheet.cssText=d.parseCSS(d.getCSS(b.styleSheets,"all")),d.writeHTML()},d.restoreHTML=function(){o.innerHTML="",m.removeChild(o),m.appendChild(r)},d._afterPrint=function(){d.restoreHTML(),p.styleSheet.cssText=""},s(b),s(l);d.disablePP||(n.insertBefore(p,n.firstChild),p.media="print",p.className="iepp-printshim",a.attachEvent("onbeforeprint",d._beforePrint),a.attachEvent("onafterprint",d._afterPrint))}(a,b),e._version=d,e._prefixes=o,e._domPrefixes=p,e.hasEvent=w,e.testProp=function(a){return E([a])},e.testAllProps=F,e.testStyles=v,g.className=g.className.replace(/\bno-js\b/,"")+(f?" js "+u.join(" "):"");return e}(this,this.document),function(a,b,c){function k(a){return!a||a=="loaded"||a=="complete"}function j(){var a=1,b=-1;while(p.length- ++b)if(p[b].s&&!(a=p[b].r))break;a&&g()}function i(a){var c=b.createElement("script"),d;c.src=a.s,c.onreadystatechange=c.onload=function(){!d&&k(c.readyState)&&(d=1,j(),c.onload=c.onreadystatechange=null)},m(function(){d||(d=1,j())},H.errorTimeout),a.e?c.onload():n.parentNode.insertBefore(c,n)}function h(a){var c=b.createElement("link"),d;c.href=a.s,c.rel="stylesheet",c.type="text/css";if(!a.e&&(w||r)){var e=function(a){m(function(){if(!d)try{a.sheet.cssRules.length?(d=1,j()):e(a)}catch(b){b.code==1e3||b.message=="security"||b.message=="denied"?(d=1,m(function(){j()},0)):e(a)}},0)};e(c)}else c.onload=function(){d||(d=1,m(function(){j()},0))},a.e&&c.onload();m(function(){d||(d=1,j())},H.errorTimeout),!a.e&&n.parentNode.insertBefore(c,n)}function g(){var a=p.shift();q=1,a?a.t?m(function(){a.t=="c"?h(a):i(a)},0):(a(),j()):q=0}function f(a,c,d,e,f,h){function i(){!o&&k(l.readyState)&&(r.r=o=1,!q&&j(),l.onload=l.onreadystatechange=null,m(function(){u.removeChild(l)},0))}var l=b.createElement(a),o=0,r={t:d,s:c,e:h};l.src=l.data=c,!s&&(l.style.display="none"),l.width=l.height="0",a!="object"&&(l.type=d),l.onload=l.onreadystatechange=i,a=="img"?l.onerror=i:a=="script"&&(l.onerror=function(){r.e=r.r=1,g()}),p.splice(e,0,r),u.insertBefore(l,s?null:n),m(function(){o||(u.removeChild(l),r.r=r.e=o=1,j())},H.errorTimeout)}function e(a,b,c){var d=b=="c"?z:y;q=0,b=b||"j",C(a)?f(d,a,b,this.i++,l,c):(p.splice(this.i++,0,a),p.length==1&&g());return this}function d(){var a=H;a.loader={load:e,i:0};return a}var l=b.documentElement,m=a.setTimeout,n=b.getElementsByTagName("script")[0],o={}.toString,p=[],q=0,r="MozAppearance"in l.style,s=r&&!!b.createRange().compareNode,t=r&&!s,u=s?l:n.parentNode,v=a.opera&&o.call(a.opera)=="[object Opera]",w="webkitAppearance"in l.style,x=w&&"async"in b.createElement("script"),y=r?"object":v||x?"img":"script",z=w?"img":y,A=Array.isArray||function(a){return o.call(a)=="[object Array]"},B=function(a){return Object(a)===a},C=function(a){return typeof a=="string"},D=function(a){return o.call(a)=="[object Function]"},E=[],F={},G,H;H=function(a){function f(a){var b=a.split("!"),c=E.length,d=b.pop(),e=b.length,f={url:d,origUrl:d,prefixes:b},g,h;for(h=0;h<e;h++)g=F[b[h]],g&&(f=g(f));for(h=0;h<c;h++)f=E[h](f);return f}function e(a,b,e,g,h){var i=f(a),j=i.autoCallback;if(!i.bypass){b&&(b=D(b)?b:b[a]||b[g]||b[a.split("/").pop().split("?")[0]]);if(i.instead)return i.instead(a,b,e,g,h);e.load(i.url,i.forceCSS||!i.forceJS&&/css$/.test(i.url)?"c":c,i.noexec),(D(b)||D(j))&&e.load(function(){d(),b&&b(i.origUrl,h,g),j&&j(i.origUrl,h,g)})}}function b(a,b){function c(a){if(C(a))e(a,h,b,0,d);else if(B(a))for(i in a)a.hasOwnProperty(i)&&e(a[i],h,b,i,d)}var d=!!a.test,f=d?a.yep:a.nope,g=a.load||a.both,h=a.callback,i;c(f),c(g),a.complete&&b.load(a.complete)}var g,h,i=this.yepnope.loader;if(C(a))e(a,0,i,0);else if(A(a))for(g=0;g<a.length;g++)h=a[g],C(h)?e(h,0,i,0):A(h)?H(h):B(h)&&b(h,i);else B(a)&&b(a,i)},H.addPrefix=function(a,b){F[a]=b},H.addFilter=function(a){E.push(a)},H.errorTimeout=1e4,b.readyState==null&&b.addEventListener&&(b.readyState="loading",b.addEventListener("DOMContentLoaded",G=function(){b.removeEventListener("DOMContentLoaded",G,0),b.readyState="complete"},0)),a.yepnope=d()}(this,this.document),Modernizr.load=function(){yepnope.apply(window,[].slice.call(arguments,0))};
+/*! jQuery v1.10.2 | (c) 2005, 2013 jQuery Foundation, Inc. | jquery.org/license
+//@ sourceMappingURL=jquery-1.10.2.min.map
+*/
+(function(e,t){var n,r,i=typeof t,o=e.location,a=e.document,s=a.documentElement,l=e.jQuery,u=e.$,c={},p=[],f="1.10.2",d=p.concat,h=p.push,g=p.slice,m=p.indexOf,y=c.toString,v=c.hasOwnProperty,b=f.trim,x=function(e,t){return new x.fn.init(e,t,r)},w=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,T=/\S+/g,C=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,k=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,E=/^[\],:{}s]*$/,S=/(?:^|:|,)(?:\s*\[)+/g,A=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,j=/"[^"\\\r\n]*"|true|false|null|-?(?:\d+\.|)\d+(?:[eE][+-]?\d+|)/g,D=/^-ms-/,L=/-([\da-z])/gi,H=function(e,t){return t.toUpperCase()},q=function(e){(a.addEventListener||"load"===e.type||"complete"===a.readyState)&&(_(),x.ready())},_=function(){a.addEventListener?(a.removeEventListener("DOMContentLoaded",q,!1),e.removeEventListener("load",q,!1)):(a.detachEvent("onreadystatechange",q),e.detachEvent("onload",q))};x.fn=x.prototype={jquery:f,constructor:x,init:function(e,n,r){var i,o;if(!e)return this;if("string"==typeof e){if(i="<"===e.charAt(0)&&">"===e.charAt(e.length-1)&&e.length>=3?[null,e,null]:N.exec(e),!i||!i[1]&&n)return!n||n.jquery?(n||r).find(e):this.constructor(n).find(e);if(i[1]){if(n=n instanceof x?n[0]:n,x.merge(this,x.parseHTML(i[1],n&&n.nodeType?n.ownerDocument||n:a,!0)),k.test(i[1])&&x.isPlainObject(n))for(i in n)x.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i]);return this}if(o=a.getElementById(i[2]),o&&o.parentNode){if(o.id!==i[2])return r.find(e);this.length=1,this[0]=o}return this.context=a,this.selector=e,this}return e.nodeType?(this.context=this[0]=e,this.length=1,this):x.isFunction(e)?r.ready(e):(e.selector!==t&&(this.selector=e.selector,this.context=e.context),x.makeArray(e,this))},selector:"",length:0,toArray:function(){return g.call(this)},get:function(e){return null==e?this.toArray():0>e?this[this.length+e]:this[e]},pushStack:function(e){var t=x.merge(this.constructor(),e);return t.prevObject=this,t.context=this.context,t},each:function(e,t){return x.each(this,e,t)},ready:function(e){return x.ready.promise().done(e),this},slice:function(){return this.pushStack(g.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(0>e?t:0);return this.pushStack(n>=0&&t>n?[this[n]]:[])},map:function(e){return this.pushStack(x.map(this,function(t,n){return e.call(t,n,t)}))},end:function(){return this.prevObject||this.constructor(null)},push:h,sort:[].sort,splice:[].splice},x.fn.init.prototype=x.fn,x.extend=x.fn.extend=function(){var e,n,r,i,o,a,s=arguments[0]||{},l=1,u=arguments.length,c=!1;for("boolean"==typeof s&&(c=s,s=arguments[1]||{},l=2),"object"==typeof s||x.isFunction(s)||(s={}),u===l&&(s=this,--l);u>l;l++)if(null!=(o=arguments[l]))for(i in o)e=s[i],r=o[i],s!==r&&(c&&r&&(x.isPlainObject(r)||(n=x.isArray(r)))?(n?(n=!1,a=e&&x.isArray(e)?e:[]):a=e&&x.isPlainObject(e)?e:{},s[i]=x.extend(c,a,r)):r!==t&&(s[i]=r));return s},x.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),noConflict:function(t){return e.$===x&&(e.$=u),t&&e.jQuery===x&&(e.jQuery=l),x},isReady:!1,readyWait:1,holdReady:function(e){e?x.readyWait++:x.ready(!0)},ready:function(e){if(e===!0?!--x.readyWait:!x.isReady){if(!a.body)return setTimeout(x.ready);x.isReady=!0,e!==!0&&--x.readyWait>0||(n.resolveWith(a,[x]),x.fn.trigger&&x(a).trigger("ready").off("ready"))}},isFunction:function(e){return"function"===x.type(e)},isArray:Array.isArray||function(e){return"array"===x.type(e)},isWindow:function(e){return null!=e&&e==e.window},isNumeric:function(e){return!isNaN(parseFloat(e))&&isFinite(e)},type:function(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?c[y.call(e)]||"object":typeof e},isPlainObject:function(e){var n;if(!e||"object"!==x.type(e)||e.nodeType||x.isWindow(e))return!1;try{if(e.constructor&&!v.call(e,"constructor")&&!v.call(e.constructor.prototype,"isPrototypeOf"))return!1}catch(r){return!1}if(x.support.ownLast)for(n in e)return v.call(e,n);for(n in e);return n===t||v.call(e,n)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},error:function(e){throw Error(e)},parseHTML:function(e,t,n){if(!e||"string"!=typeof e)return null;"boolean"==typeof t&&(n=t,t=!1),t=t||a;var r=k.exec(e),i=!n&&[];return r?[t.createElement(r[1])]:(r=x.buildFragment([e],t,i),i&&x(i).remove(),x.merge([],r.childNodes))},parseJSON:function(n){return e.JSON&&e.JSON.parse?e.JSON.parse(n):null===n?n:"string"==typeof n&&(n=x.trim(n),n&&E.test(n.replace(A,"@").replace(j,"]").replace(S,"")))?Function("return "+n)():(x.error("Invalid JSON: "+n),t)},parseXML:function(n){var r,i;if(!n||"string"!=typeof n)return null;try{e.DOMParser?(i=new DOMParser,r=i.parseFromString(n,"text/xml")):(r=new ActiveXObject("Microsoft.XMLDOM"),r.async="false",r.loadXML(n))}catch(o){r=t}return r&&r.documentElement&&!r.getElementsByTagName("parsererror").length||x.error("Invalid XML: "+n),r},noop:function(){},globalEval:function(t){t&&x.trim(t)&&(e.execScript||function(t){e.eval.call(e,t)})(t)},camelCase:function(e){return e.replace(D,"ms-").replace(L,H)},nodeName:function(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()},each:function(e,t,n){var r,i=0,o=e.length,a=M(e);if(n){if(a){for(;o>i;i++)if(r=t.apply(e[i],n),r===!1)break}else for(i in e)if(r=t.apply(e[i],n),r===!1)break}else if(a){for(;o>i;i++)if(r=t.call(e[i],i,e[i]),r===!1)break}else for(i in e)if(r=t.call(e[i],i,e[i]),r===!1)break;return e},trim:b&&!b.call("\ufeff\u00a0")?function(e){return null==e?"":b.call(e)}:function(e){return null==e?"":(e+"").replace(C,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(M(Object(e))?x.merge(n,"string"==typeof e?[e]:e):h.call(n,e)),n},inArray:function(e,t,n){var r;if(t){if(m)return m.call(t,e,n);for(r=t.length,n=n?0>n?Math.max(0,r+n):n:0;r>n;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,o=0;if("number"==typeof r)for(;r>o;o++)e[i++]=n[o];else while(n[o]!==t)e[i++]=n[o++];return e.length=i,e},grep:function(e,t,n){var r,i=[],o=0,a=e.length;for(n=!!n;a>o;o++)r=!!t(e[o],o),n!==r&&i.push(e[o]);return i},map:function(e,t,n){var r,i=0,o=e.length,a=M(e),s=[];if(a)for(;o>i;i++)r=t(e[i],i,n),null!=r&&(s[s.length]=r);else for(i in e)r=t(e[i],i,n),null!=r&&(s[s.length]=r);return d.apply([],s)},guid:1,proxy:function(e,n){var r,i,o;return"string"==typeof n&&(o=e[n],n=e,e=o),x.isFunction(e)?(r=g.call(arguments,2),i=function(){return e.apply(n||this,r.concat(g.call(arguments)))},i.guid=e.guid=e.guid||x.guid++,i):t},access:function(e,n,r,i,o,a,s){var l=0,u=e.length,c=null==r;if("object"===x.type(r)){o=!0;for(l in r)x.access(e,n,l,r[l],!0,a,s)}else if(i!==t&&(o=!0,x.isFunction(i)||(s=!0),c&&(s?(n.call(e,i),n=null):(c=n,n=function(e,t,n){return c.call(x(e),n)})),n))for(;u>l;l++)n(e[l],r,s?i:i.call(e[l],l,n(e[l],r)));return o?e:c?n.call(e):u?n(e[0],r):a},now:function(){return(new Date).getTime()},swap:function(e,t,n,r){var i,o,a={};for(o in t)a[o]=e.style[o],e.style[o]=t[o];i=n.apply(e,r||[]);for(o in t)e.style[o]=a[o];return i}}),x.ready.promise=function(t){if(!n)if(n=x.Deferred(),"complete"===a.readyState)setTimeout(x.ready);else if(a.addEventListener)a.addEventListener("DOMContentLoaded",q,!1),e.addEventListener("load",q,!1);else{a.attachEvent("onreadystatechange",q),e.attachEvent("onload",q);var r=!1;try{r=null==e.frameElement&&a.documentElement}catch(i){}r&&r.doScroll&&function o(){if(!x.isReady){try{r.doScroll("left")}catch(e){return setTimeout(o,50)}_(),x.ready()}}()}return n.promise(t)},x.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(e,t){c["[object "+t+"]"]=t.toLowerCase()});function M(e){var t=e.length,n=x.type(e);return x.isWindow(e)?!1:1===e.nodeType&&t?!0:"array"===n||"function"!==n&&(0===t||"number"==typeof t&&t>0&&t-1 in e)}r=x(a),function(e,t){var n,r,i,o,a,s,l,u,c,p,f,d,h,g,m,y,v,b="sizzle"+-new Date,w=e.document,T=0,C=0,N=st(),k=st(),E=st(),S=!1,A=function(e,t){return e===t?(S=!0,0):0},j=typeof t,D=1<<31,L={}.hasOwnProperty,H=[],q=H.pop,_=H.push,M=H.push,O=H.slice,F=H.indexOf||function(e){var t=0,n=this.length;for(;n>t;t++)if(this[t]===e)return t;return-1},B="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",P="[\\x20\\t\\r\\n\\f]",R="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",W=R.replace("w","w#"),$="\\["+P+"*("+R+")"+P+"*(?:([*^$|!~]?=)"+P+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+W+")|)|)"+P+"*\\]",I=":("+R+")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|"+$.replace(3,8)+")*)|.*)\\)|)",z=RegExp("^"+P+"+|((?:^|[^\\\\])(?:\\\\.)*)"+P+"+$","g"),X=RegExp("^"+P+"*,"+P+"*"),U=RegExp("^"+P+"*([>+~]|"+P+")"+P+"*"),V=RegExp(P+"*[+~]"),Y=RegExp("="+P+"*([^\\]'\"]*)"+P+"*\\]","g"),J=RegExp(I),G=RegExp("^"+W+"$"),Q={ID:RegExp("^#("+R+")"),CLASS:RegExp("^\\.("+R+")"),TAG:RegExp("^("+R.replace("w","w*")+")"),ATTR:RegExp("^"+$),PSEUDO:RegExp("^"+I),CHILD:RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+P+"*(even|odd|(([+-]|)(\\d*)n|)"+P+"*(?:([+-]|)"+P+"*(\\d+)|))"+P+"*\\)|)","i"),bool:RegExp("^(?:"+B+")$","i"),needsContext:RegExp("^"+P+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+P+"*((?:-\\d)?\\d*)"+P+"*\\)|)(?=[^-]|$)","i")},K=/^[^{]+\{s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,et=/^(?:input|select|textarea|button)$/i,tt=/^h\d$/i,nt=/'|\\/g,rt=RegExp("\\\\([\\da-f]{1,6}"+P+"?|("+P+")|.)","ig"),it=function(e,t,n){var r="0x"+t-65536;return r!==r||n?t:0>r?String.fromCharCode(r+65536):String.fromCharCode(55296|r>>10,56320|1023&r)};try{M.apply(H=O.call(w.childNodes),w.childNodes),H[w.childNodes.length].nodeType}catch(ot){M={apply:H.length?function(e,t){_.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function at(e,t,n,i){var o,a,s,l,u,c,d,m,y,x;if((t?t.ownerDocument||t:w)!==f&&p(t),t=t||f,n=n||[],!e||"string"!=typeof e)return n;if(1!==(l=t.nodeType)&&9!==l)return[];if(h&&!i){if(o=Z.exec(e))if(s=o[1]){if(9===l){if(a=t.getElementById(s),!a||!a.parentNode)return n;if(a.id===s)return n.push(a),n}else if(t.ownerDocument&&(a=t.ownerDocument.getElementById(s))&&v(t,a)&&a.id===s)return n.push(a),n}else{if(o[2])return M.apply(n,t.getElementsByTagName(e)),n;if((s=o[3])&&r.getElementsByClassName&&t.getElementsByClassName)return M.apply(n,t.getElementsByClassName(s)),n}if(r.qsa&&(!g||!g.test(e))){if(m=d=b,y=t,x=9===l&&e,1===l&&"object"!==t.nodeName.toLowerCase()){c=mt(e),(d=t.getAttribute("id"))?m=d.replace(nt,"\\$&"):t.setAttribute("id",m),m="[id='"+m+"'] ",u=c.length;while(u--)c[u]=m+yt(c[u]);y=V.test(e)&&t.parentNode||t,x=c.join(",")}if(x)try{return M.apply(n,y.querySelectorAll(x)),n}catch(T){}finally{d||t.removeAttribute("id")}}}return kt(e.replace(z,"$1"),t,n,i)}function st(){var e=[];function t(n,r){return e.push(n+=" ")>o.cacheLength&&delete t[e.shift()],t[n]=r}return t}function lt(e){return e[b]=!0,e}function ut(e){var t=f.createElement("div");try{return!!e(t)}catch(n){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function ct(e,t){var n=e.split("|"),r=e.length;while(r--)o.attrHandle[n[r]]=t}function pt(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&(~t.sourceIndex||D)-(~e.sourceIndex||D);if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function ft(e){return function(t){var n=t.nodeName.toLowerCase();return"input"===n&&t.type===e}}function dt(e){return function(t){var n=t.nodeName.toLowerCase();return("input"===n||"button"===n)&&t.type===e}}function ht(e){return lt(function(t){return t=+t,lt(function(n,r){var i,o=e([],n.length,t),a=o.length;while(a--)n[i=o[a]]&&(n[i]=!(r[i]=n[i]))})})}s=at.isXML=function(e){var t=e&&(e.ownerDocument||e).documentElement;return t?"HTML"!==t.nodeName:!1},r=at.support={},p=at.setDocument=function(e){var n=e?e.ownerDocument||e:w,i=n.defaultView;return n!==f&&9===n.nodeType&&n.documentElement?(f=n,d=n.documentElement,h=!s(n),i&&i.attachEvent&&i!==i.top&&i.attachEvent("onbeforeunload",function(){p()}),r.attributes=ut(function(e){return e.className="i",!e.getAttribute("className")}),r.getElementsByTagName=ut(function(e){return e.appendChild(n.createComment("")),!e.getElementsByTagName("*").length}),r.getElementsByClassName=ut(function(e){return e.innerHTML="<div class='a'></div><div class='a i'></div>",e.firstChild.className="i",2===e.getElementsByClassName("i").length}),r.getById=ut(function(e){return d.appendChild(e).id=b,!n.getElementsByName||!n.getElementsByName(b).length}),r.getById?(o.find.ID=function(e,t){if(typeof t.getElementById!==j&&h){var n=t.getElementById(e);return n&&n.parentNode?[n]:[]}},o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){return e.getAttribute("id")===t}}):(delete o.find.ID,o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){var n=typeof e.getAttributeNode!==j&&e.getAttributeNode("id");return n&&n.value===t}}),o.find.TAG=r.getElementsByTagName?function(e,n){return typeof n.getElementsByTagName!==j?n.getElementsByTagName(e):t}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},o.find.CLASS=r.getElementsByClassName&&function(e,n){return typeof n.getElementsByClassName!==j&&h?n.getElementsByClassName(e):t},m=[],g=[],(r.qsa=K.test(n.querySelectorAll))&&(ut(function(e){e.innerHTML="<select><option selected=''></option></select>",e.querySelectorAll("[selected]").length||g.push("\\["+P+"*(?:value|"+B+")"),e.querySelectorAll(":checked").length||g.push(":checked")}),ut(function(e){var t=n.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("t",""),e.querySelectorAll("[t^='']").length&&g.push("[*^$]="+P+"*(?:''|\"\")"),e.querySelectorAll(":enabled").length||g.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),g.push(",.*:")})),(r.matchesSelector=K.test(y=d.webkitMatchesSelector||d.mozMatchesSelector||d.oMatchesSelector||d.msMatchesSelector))&&ut(function(e){r.disconnectedMatch=y.call(e,"div"),y.call(e,"[s!='']:x"),m.push("!=",I)}),g=g.length&&RegExp(g.join("|")),m=m.length&&RegExp(m.join("|")),v=K.test(d.contains)||d.compareDocumentPosition?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},A=d.compareDocumentPosition?function(e,t){if(e===t)return S=!0,0;var i=t.compareDocumentPosition&&e.compareDocumentPosition&&e.compareDocumentPosition(t);return i?1&i||!r.sortDetached&&t.compareDocumentPosition(e)===i?e===n||v(w,e)?-1:t===n||v(w,t)?1:c?F.call(c,e)-F.call(c,t):0:4&i?-1:1:e.compareDocumentPosition?-1:1}:function(e,t){var r,i=0,o=e.parentNode,a=t.parentNode,s=[e],l=[t];if(e===t)return S=!0,0;if(!o||!a)return e===n?-1:t===n?1:o?-1:a?1:c?F.call(c,e)-F.call(c,t):0;if(o===a)return pt(e,t);r=e;while(r=r.parentNode)s.unshift(r);r=t;while(r=r.parentNode)l.unshift(r);while(s[i]===l[i])i++;return i?pt(s[i],l[i]):s[i]===w?-1:l[i]===w?1:0},n):f},at.matches=function(e,t){return at(e,null,null,t)},at.matchesSelector=function(e,t){if((e.ownerDocument||e)!==f&&p(e),t=t.replace(Y,"='$1']"),!(!r.matchesSelector||!h||m&&m.test(t)||g&&g.test(t)))try{var n=y.call(e,t);if(n||r.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(i){}return at(t,f,null,[e]).length>0},at.contains=function(e,t){return(e.ownerDocument||e)!==f&&p(e),v(e,t)},at.attr=function(e,n){(e.ownerDocument||e)!==f&&p(e);var i=o.attrHandle[n.toLowerCase()],a=i&&L.call(o.attrHandle,n.toLowerCase())?i(e,n,!h):t;return a===t?r.attributes||!h?e.getAttribute(n):(a=e.getAttributeNode(n))&&a.specified?a.value:null:a},at.error=function(e){throw Error("Syntax error, unrecognized expression: "+e)},at.uniqueSort=function(e){var t,n=[],i=0,o=0;if(S=!r.detectDuplicates,c=!r.sortStable&&e.slice(0),e.sort(A),S){while(t=e[o++])t===e[o]&&(i=n.push(o));while(i--)e.splice(n[i],1)}return e},a=at.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=a(e)}else if(3===i||4===i)return e.nodeValue}else for(;t=e[r];r++)n+=a(t);return n},o=at.selectors={cacheLength:50,createPseudo:lt,match:Q,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(rt,it),e[3]=(e[4]||e[5]||"").replace(rt,it),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||at.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&at.error(e[0]),e},PSEUDO:function(e){var n,r=!e[5]&&e[2];return Q.CHILD.test(e[0])?null:(e[3]&&e[4]!==t?e[2]=e[4]:r&&J.test(r)&&(n=mt(r,!0))&&(n=r.indexOf(")",r.length-n)-r.length)&&(e[0]=e[0].slice(0,n),e[2]=r.slice(0,n)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(rt,it).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=N[e+" "];return t||(t=RegExp("(^|"+P+")"+e+"("+P+"|$)"))&&N(e,function(e){return t.test("string"==typeof e.className&&e.className||typeof e.getAttribute!==j&&e.getAttribute("class")||"")})},ATTR:function(e,t,n){return function(r){var i=at.attr(r,e);return null==i?"!="===t:t?(i+="","="===t?i===n:"!="===t?i!==n:"^="===t?n&&0===i.indexOf(n):"*="===t?n&&i.indexOf(n)>-1:"$="===t?n&&i.slice(-n.length)===n:"~="===t?(" "+i+" ").indexOf(n)>-1:"|="===t?i===n||i.slice(0,n.length+1)===n+"-":!1):!0}},CHILD:function(e,t,n,r,i){var o="nth"!==e.slice(0,3),a="last"!==e.slice(-4),s="of-type"===t;return 1===r&&0===i?function(e){return!!e.parentNode}:function(t,n,l){var u,c,p,f,d,h,g=o!==a?"nextSibling":"previousSibling",m=t.parentNode,y=s&&t.nodeName.toLowerCase(),v=!l&&!s;if(m){if(o){while(g){p=t;while(p=p[g])if(s?p.nodeName.toLowerCase()===y:1===p.nodeType)return!1;h=g="only"===e&&!h&&"nextSibling"}return!0}if(h=[a?m.firstChild:m.lastChild],a&&v){c=m[b]||(m[b]={}),u=c[e]||[],d=u[0]===T&&u[1],f=u[0]===T&&u[2],p=d&&m.childNodes[d];while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if(1===p.nodeType&&++f&&p===t){c[e]=[T,d,f];break}}else if(v&&(u=(t[b]||(t[b]={}))[e])&&u[0]===T)f=u[1];else while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if((s?p.nodeName.toLowerCase()===y:1===p.nodeType)&&++f&&(v&&((p[b]||(p[b]={}))[e]=[T,f]),p===t))break;return f-=i,f===r||0===f%r&&f/r>=0}}},PSEUDO:function(e,t){var n,r=o.pseudos[e]||o.setFilters[e.toLowerCase()]||at.error("unsupported pseudo: "+e);return r[b]?r(t):r.length>1?(n=[e,e,"",t],o.setFilters.hasOwnProperty(e.toLowerCase())?lt(function(e,n){var i,o=r(e,t),a=o.length;while(a--)i=F.call(e,o[a]),e[i]=!(n[i]=o[a])}):function(e){return r(e,0,n)}):r}},pseudos:{not:lt(function(e){var t=[],n=[],r=l(e.replace(z,"$1"));return r[b]?lt(function(e,t,n,i){var o,a=r(e,null,i,[]),s=e.length;while(s--)(o=a[s])&&(e[s]=!(t[s]=o))}):function(e,i,o){return t[0]=e,r(t,null,o,n),!n.pop()}}),has:lt(function(e){return function(t){return at(e,t).length>0}}),contains:lt(function(e){return function(t){return(t.textContent||t.innerText||a(t)).indexOf(e)>-1}}),lang:lt(function(e){return G.test(e||"")||at.error("unsupported lang: "+e),e=e.replace(rt,it).toLowerCase(),function(t){var n;do if(n=h?t.lang:t.getAttribute("xml:lang")||t.getAttribute("lang"))return n=n.toLowerCase(),n===e||0===n.indexOf(e+"-");while((t=t.parentNode)&&1===t.nodeType);return!1}}),target:function(t){var n=e.location&&e.location.hash;return n&&n.slice(1)===t.id},root:function(e){return e===d},focus:function(e){return e===f.activeElement&&(!f.hasFocus||f.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:function(e){return e.disabled===!1},disabled:function(e){return e.disabled===!0},checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,e.selected===!0},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeName>"@"||3===e.nodeType||4===e.nodeType)return!1;return!0},parent:function(e){return!o.pseudos.empty(e)},header:function(e){return tt.test(e.nodeName)},input:function(e){return et.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||t.toLowerCase()===e.type)},first:ht(function(){return[0]}),last:ht(function(e,t){return[t-1]}),eq:ht(function(e,t,n){return[0>n?n+t:n]}),even:ht(function(e,t){var n=0;for(;t>n;n+=2)e.push(n);return e}),odd:ht(function(e,t){var n=1;for(;t>n;n+=2)e.push(n);return e}),lt:ht(function(e,t,n){var r=0>n?n+t:n;for(;--r>=0;)e.push(r);return e}),gt:ht(function(e,t,n){var r=0>n?n+t:n;for(;t>++r;)e.push(r);return e})}},o.pseudos.nth=o.pseudos.eq;for(n in{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})o.pseudos[n]=ft(n);for(n in{submit:!0,reset:!0})o.pseudos[n]=dt(n);function gt(){}gt.prototype=o.filters=o.pseudos,o.setFilters=new gt;function mt(e,t){var n,r,i,a,s,l,u,c=k[e+" "];if(c)return t?0:c.slice(0);s=e,l=[],u=o.preFilter;while(s){(!n||(r=X.exec(s)))&&(r&&(s=s.slice(r[0].length)||s),l.push(i=[])),n=!1,(r=U.exec(s))&&(n=r.shift(),i.push({value:n,type:r[0].replace(z," ")}),s=s.slice(n.length));for(a in o.filter)!(r=Q[a].exec(s))||u[a]&&!(r=u[a](r))||(n=r.shift(),i.push({value:n,type:a,matches:r}),s=s.slice(n.length));if(!n)break}return t?s.length:s?at.error(e):k(e,l).slice(0)}function yt(e){var t=0,n=e.length,r="";for(;n>t;t++)r+=e[t].value;return r}function vt(e,t,n){var r=t.dir,o=n&&"parentNode"===r,a=C++;return t.first?function(t,n,i){while(t=t[r])if(1===t.nodeType||o)return e(t,n,i)}:function(t,n,s){var l,u,c,p=T+" "+a;if(s){while(t=t[r])if((1===t.nodeType||o)&&e(t,n,s))return!0}else while(t=t[r])if(1===t.nodeType||o)if(c=t[b]||(t[b]={}),(u=c[r])&&u[0]===p){if((l=u[1])===!0||l===i)return l===!0}else if(u=c[r]=[p],u[1]=e(t,n,s)||i,u[1]===!0)return!0}}function bt(e){return e.length>1?function(t,n,r){var i=e.length;while(i--)if(!e[i](t,n,r))return!1;return!0}:e[0]}function xt(e,t,n,r,i){var o,a=[],s=0,l=e.length,u=null!=t;for(;l>s;s++)(o=e[s])&&(!n||n(o,r,i))&&(a.push(o),u&&t.push(s));return a}function wt(e,t,n,r,i,o){return r&&!r[b]&&(r=wt(r)),i&&!i[b]&&(i=wt(i,o)),lt(function(o,a,s,l){var u,c,p,f=[],d=[],h=a.length,g=o||Nt(t||"*",s.nodeType?[s]:s,[]),m=!e||!o&&t?g:xt(g,f,e,s,l),y=n?i||(o?e:h||r)?[]:a:m;if(n&&n(m,y,s,l),r){u=xt(y,d),r(u,[],s,l),c=u.length;while(c--)(p=u[c])&&(y[d[c]]=!(m[d[c]]=p))}if(o){if(i||e){if(i){u=[],c=y.length;while(c--)(p=y[c])&&u.push(m[c]=p);i(null,y=[],u,l)}c=y.length;while(c--)(p=y[c])&&(u=i?F.call(o,p):f[c])>-1&&(o[u]=!(a[u]=p))}}else y=xt(y===a?y.splice(h,y.length):y),i?i(null,a,y,l):M.apply(a,y)})}function Tt(e){var t,n,r,i=e.length,a=o.relative[e[0].type],s=a||o.relative[" "],l=a?1:0,c=vt(function(e){return e===t},s,!0),p=vt(function(e){return F.call(t,e)>-1},s,!0),f=[function(e,n,r){return!a&&(r||n!==u)||((t=n).nodeType?c(e,n,r):p(e,n,r))}];for(;i>l;l++)if(n=o.relative[e[l].type])f=[vt(bt(f),n)];else{if(n=o.filter[e[l].type].apply(null,e[l].matches),n[b]){for(r=++l;i>r;r++)if(o.relative[e[r].type])break;return wt(l>1&&bt(f),l>1&&yt(e.slice(0,l-1).concat({value:" "===e[l-2].type?"*":""})).replace(z,"$1"),n,r>l&&Tt(e.slice(l,r)),i>r&&Tt(e=e.slice(r)),i>r&&yt(e))}f.push(n)}return bt(f)}function Ct(e,t){var n=0,r=t.length>0,a=e.length>0,s=function(s,l,c,p,d){var h,g,m,y=[],v=0,b="0",x=s&&[],w=null!=d,C=u,N=s||a&&o.find.TAG("*",d&&l.parentNode||l),k=T+=null==C?1:Math.random()||.1;for(w&&(u=l!==f&&l,i=n);null!=(h=N[b]);b++){if(a&&h){g=0;while(m=e[g++])if(m(h,l,c)){p.push(h);break}w&&(T=k,i=++n)}r&&((h=!m&&h)&&v--,s&&x.push(h))}if(v+=b,r&&b!==v){g=0;while(m=t[g++])m(x,y,l,c);if(s){if(v>0)while(b--)x[b]||y[b]||(y[b]=q.call(p));y=xt(y)}M.apply(p,y),w&&!s&&y.length>0&&v+t.length>1&&at.uniqueSort(p)}return w&&(T=k,u=C),x};return r?lt(s):s}l=at.compile=function(e,t){var n,r=[],i=[],o=E[e+" "];if(!o){t||(t=mt(e)),n=t.length;while(n--)o=Tt(t[n]),o[b]?r.push(o):i.push(o);o=E(e,Ct(i,r))}return o};function Nt(e,t,n){var r=0,i=t.length;for(;i>r;r++)at(e,t[r],n);return n}function kt(e,t,n,i){var a,s,u,c,p,f=mt(e);if(!i&&1===f.length){if(s=f[0]=f[0].slice(0),s.length>2&&"ID"===(u=s[0]).type&&r.getById&&9===t.nodeType&&h&&o.relative[s[1].type]){if(t=(o.find.ID(u.matches[0].replace(rt,it),t)||[])[0],!t)return n;e=e.slice(s.shift().value.length)}a=Q.needsContext.test(e)?0:s.length;while(a--){if(u=s[a],o.relative[c=u.type])break;if((p=o.find[c])&&(i=p(u.matches[0].replace(rt,it),V.test(s[0].type)&&t.parentNode||t))){if(s.splice(a,1),e=i.length&&yt(s),!e)return M.apply(n,i),n;break}}}return l(e,f)(i,t,!h,n,V.test(e)),n}r.sortStable=b.split("").sort(A).join("")===b,r.detectDuplicates=S,p(),r.sortDetached=ut(function(e){return 1&e.compareDocumentPosition(f.createElement("div"))}),ut(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||ct("type|href|height|width",function(e,n,r){return r?t:e.getAttribute(n,"type"===n.toLowerCase()?1:2)}),r.attributes&&ut(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||ct("value",function(e,n,r){return r||"input"!==e.nodeName.toLowerCase()?t:e.defaultValue}),ut(function(e){return null==e.getAttribute("disabled")})||ct(B,function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&i.specified?i.value:e[n]===!0?n.toLowerCase():null}),x.find=at,x.expr=at.selectors,x.expr[":"]=x.expr.pseudos,x.unique=at.uniqueSort,x.text=at.getText,x.isXMLDoc=at.isXML,x.contains=at.contains}(e);var O={};function F(e){var t=O[e]={};return x.each(e.match(T)||[],function(e,n){t[n]=!0}),t}x.Callbacks=function(e){e="string"==typeof e?O[e]||F(e):x.extend({},e);var n,r,i,o,a,s,l=[],u=!e.once&&[],c=function(t){for(r=e.memory&&t,i=!0,a=s||0,s=0,o=l.length,n=!0;l&&o>a;a++)if(l[a].apply(t[0],t[1])===!1&&e.stopOnFalse){r=!1;break}n=!1,l&&(u?u.length&&c(u.shift()):r?l=[]:p.disable())},p={add:function(){if(l){var t=l.length;(function i(t){x.each(t,function(t,n){var r=x.type(n);"function"===r?e.unique&&p.has(n)||l.push(n):n&&n.length&&"string"!==r&&i(n)})})(arguments),n?o=l.length:r&&(s=t,c(r))}return this},remove:function(){return l&&x.each(arguments,function(e,t){var r;while((r=x.inArray(t,l,r))>-1)l.splice(r,1),n&&(o>=r&&o--,a>=r&&a--)}),this},has:function(e){return e?x.inArray(e,l)>-1:!(!l||!l.length)},empty:function(){return l=[],o=0,this},disable:function(){return l=u=r=t,this},disabled:function(){return!l},lock:function(){return u=t,r||p.disable(),this},locked:function(){return!u},fireWith:function(e,t){return!l||i&&!u||(t=t||[],t=[e,t.slice?t.slice():t],n?u.push(t):c(t)),this},fire:function(){return p.fireWith(this,arguments),this},fired:function(){return!!i}};return p},x.extend({Deferred:function(e){var t=[["resolve","done",x.Callbacks("once memory"),"resolved"],["reject","fail",x.Callbacks("once memory"),"rejected"],["notify","progress",x.Callbacks("memory")]],n="pending",r={state:function(){return n},always:function(){return i.done(arguments).fail(arguments),this},then:function(){var e=arguments;return x.Deferred(function(n){x.each(t,function(t,o){var a=o[0],s=x.isFunction(e[t])&&e[t];i[o[1]](function(){var e=s&&s.apply(this,arguments);e&&x.isFunction(e.promise)?e.promise().done(n.resolve).fail(n.reject).progress(n.notify):n[a+"With"](this===r?n.promise():this,s?[e]:arguments)})}),e=null}).promise()},promise:function(e){return null!=e?x.extend(e,r):r}},i={};return r.pipe=r.then,x.each(t,function(e,o){var a=o[2],s=o[3];r[o[1]]=a.add,s&&a.add(function(){n=s},t[1^e][2].disable,t[2][2].lock),i[o[0]]=function(){return i[o[0]+"With"](this===i?r:this,arguments),this},i[o[0]+"With"]=a.fireWith}),r.promise(i),e&&e.call(i,i),i},when:function(e){var t=0,n=g.call(arguments),r=n.length,i=1!==r||e&&x.isFunction(e.promise)?r:0,o=1===i?e:x.Deferred(),a=function(e,t,n){return function(r){t[e]=this,n[e]=arguments.length>1?g.call(arguments):r,n===s?o.notifyWith(t,n):--i||o.resolveWith(t,n)}},s,l,u;if(r>1)for(s=Array(r),l=Array(r),u=Array(r);r>t;t++)n[t]&&x.isFunction(n[t].promise)?n[t].promise().done(a(t,u,n)).fail(o.reject).progress(a(t,l,s)):--i;return i||o.resolveWith(u,n),o.promise()}}),x.support=function(t){var n,r,o,s,l,u,c,p,f,d=a.createElement("div");if(d.setAttribute("className","t"),d.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",n=d.getElementsByTagName("*")||[],r=d.getElementsByTagName("a")[0],!r||!r.style||!n.length)return t;s=a.createElement("select"),u=s.appendChild(a.createElement("option")),o=d.getElementsByTagName("input")[0],r.style.cssText="top:1px;float:left;opacity:.5",t.getSetAttribute="t"!==d.className,t.leadingWhitespace=3===d.firstChild.nodeType,t.tbody=!d.getElementsByTagName("tbody").length,t.htmlSerialize=!!d.getElementsByTagName("link").length,t.style=/top/.test(r.getAttribute("style")),t.hrefNormalized="/a"===r.getAttribute("href"),t.opacity=/^0.5/.test(r.style.opacity),t.cssFloat=!!r.style.cssFloat,t.checkOn=!!o.value,t.optSelected=u.selected,t.enctype=!!a.createElement("form").enctype,t.html5Clone="<:nav></:nav>"!==a.createElement("nav").cloneNode(!0).outerHTML,t.inlineBlockNeedsLayout=!1,t.shrinkWrapBlocks=!1,t.pixelPosition=!1,t.deleteExpando=!0,t.noCloneEvent=!0,t.reliableMarginRight=!0,t.boxSizingReliable=!0,o.checked=!0,t.noCloneChecked=o.cloneNode(!0).checked,s.disabled=!0,t.optDisabled=!u.disabled;try{delete d.test}catch(h){t.deleteExpando=!1}o=a.createElement("input"),o.setAttribute("value",""),t.input=""===o.getAttribute("value"),o.value="t",o.setAttribute("type","radio"),t.radioValue="t"===o.value,o.setAttribute("checked","t"),o.setAttribute("name","t"),l=a.createDocumentFragment(),l.appendChild(o),t.appendChecked=o.checked,t.checkClone=l.cloneNode(!0).cloneNode(!0).lastChild.checked,d.attachEvent&&(d.attachEvent("onclick",function(){t.noCloneEvent=!1}),d.cloneNode(!0).click());for(f in{submit:!0,change:!0,focusin:!0})d.setAttribute(c="on"+f,"t"),t[f+"Bubbles"]=c in e||d.attributes[c].expando===!1;d.style.backgroundClip="content-box",d.cloneNode(!0).style.backgroundClip="",t.clearCloneStyle="content-box"===d.style.backgroundClip;for(f in x(t))break;return t.ownLast="0"!==f,x(function(){var n,r,o,s="padding:0;margin:0;border:0;display:block;box-sizing:content-box;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;",l=a.getElementsByTagName("body")[0];l&&(n=a.createElement("div"),n.style.cssText="border:0;width:0;height:0;position:absolute;top:0;left:-9999px;margin-top:1px",l.appendChild(n).appendChild(d),d.innerHTML="<table><tr><td></td><td>t</td></tr></table>",o=d.getElementsByTagName("td"),o[0].style.cssText="padding:0;margin:0;border:0;display:none",p=0===o[0].offsetHeight,o[0].style.display="",o[1].style.display="none",t.reliableHiddenOffsets=p&&0===o[0].offsetHeight,d.innerHTML="",d.style.cssText="box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;padding:1px;border:1px;display:block;width:4px;margin-top:1%;position:absolute;top:1%;",x.swap(l,null!=l.style.zoom?{zoom:1}:{},function(){t.boxSizing=4===d.offsetWidth}),e.getComputedStyle&&(t.pixelPosition="1%"!==(e.getComputedStyle(d,null)||{}).top,t.boxSizingReliable="4px"===(e.getComputedStyle(d,null)||{width:"4px"}).width,r=d.appendChild(a.createElement("div")),r.style.cssText=d.style.cssText=s,r.style.marginRight=r.style.width="0",d.style.width="1px",t.reliableMarginRight=!parseFloat((e.getComputedStyle(r,null)||{}).marginRight)),typeof d.style.zoom!==i&&(d.innerHTML="",d.style.cssText=s+"width:1px;padding:1px;display:inline;zoom:1",t.inlineBlockNeedsLayout=3===d.offsetWidth,d.style.display="block",d.innerHTML="<div></div>",d.firstChild.style.width="5px",t.shrinkWrapBlocks=3!==d.offsetWidth,t.inlineBlockNeedsLayout&&(l.style.zoom=1)),l.removeChild(n),n=d=o=r=null)}),n=s=l=u=r=o=null,t
+}({});var B=/(?:\{[\s\S]*\}|\[[\s\S]*\])$/,P=/([A-Z])/g;function R(e,n,r,i){if(x.acceptData(e)){var o,a,s=x.expando,l=e.nodeType,u=l?x.cache:e,c=l?e[s]:e[s]&&s;if(c&&u[c]&&(i||u[c].data)||r!==t||"string"!=typeof n)return c||(c=l?e[s]=p.pop()||x.guid++:s),u[c]||(u[c]=l?{}:{toJSON:x.noop}),("object"==typeof n||"function"==typeof n)&&(i?u[c]=x.extend(u[c],n):u[c].data=x.extend(u[c].data,n)),a=u[c],i||(a.data||(a.data={}),a=a.data),r!==t&&(a[x.camelCase(n)]=r),"string"==typeof n?(o=a[n],null==o&&(o=a[x.camelCase(n)])):o=a,o}}function W(e,t,n){if(x.acceptData(e)){var r,i,o=e.nodeType,a=o?x.cache:e,s=o?e[x.expando]:x.expando;if(a[s]){if(t&&(r=n?a[s]:a[s].data)){x.isArray(t)?t=t.concat(x.map(t,x.camelCase)):t in r?t=[t]:(t=x.camelCase(t),t=t in r?[t]:t.split(" ")),i=t.length;while(i--)delete r[t[i]];if(n?!I(r):!x.isEmptyObject(r))return}(n||(delete a[s].data,I(a[s])))&&(o?x.cleanData([e],!0):x.support.deleteExpando||a!=a.window?delete a[s]:a[s]=null)}}}x.extend({cache:{},noData:{applet:!0,embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"},hasData:function(e){return e=e.nodeType?x.cache[e[x.expando]]:e[x.expando],!!e&&!I(e)},data:function(e,t,n){return R(e,t,n)},removeData:function(e,t){return W(e,t)},_data:function(e,t,n){return R(e,t,n,!0)},_removeData:function(e,t){return W(e,t,!0)},acceptData:function(e){if(e.nodeType&&1!==e.nodeType&&9!==e.nodeType)return!1;var t=e.nodeName&&x.noData[e.nodeName.toLowerCase()];return!t||t!==!0&&e.getAttribute("classid")===t}}),x.fn.extend({data:function(e,n){var r,i,o=null,a=0,s=this[0];if(e===t){if(this.length&&(o=x.data(s),1===s.nodeType&&!x._data(s,"parsedAttrs"))){for(r=s.attributes;r.length>a;a++)i=r[a].name,0===i.indexOf("data-")&&(i=x.camelCase(i.slice(5)),$(s,i,o[i]));x._data(s,"parsedAttrs",!0)}return o}return"object"==typeof e?this.each(function(){x.data(this,e)}):arguments.length>1?this.each(function(){x.data(this,e,n)}):s?$(s,e,x.data(s,e)):null},removeData:function(e){return this.each(function(){x.removeData(this,e)})}});function $(e,n,r){if(r===t&&1===e.nodeType){var i="data-"+n.replace(P,"-$1").toLowerCase();if(r=e.getAttribute(i),"string"==typeof r){try{r="true"===r?!0:"false"===r?!1:"null"===r?null:+r+""===r?+r:B.test(r)?x.parseJSON(r):r}catch(o){}x.data(e,n,r)}else r=t}return r}function I(e){var t;for(t in e)if(("data"!==t||!x.isEmptyObject(e[t]))&&"toJSON"!==t)return!1;return!0}x.extend({queue:function(e,n,r){var i;return e?(n=(n||"fx")+"queue",i=x._data(e,n),r&&(!i||x.isArray(r)?i=x._data(e,n,x.makeArray(r)):i.push(r)),i||[]):t},dequeue:function(e,t){t=t||"fx";var n=x.queue(e,t),r=n.length,i=n.shift(),o=x._queueHooks(e,t),a=function(){x.dequeue(e,t)};"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,a,o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return x._data(e,n)||x._data(e,n,{empty:x.Callbacks("once memory").add(function(){x._removeData(e,t+"queue"),x._removeData(e,n)})})}}),x.fn.extend({queue:function(e,n){var r=2;return"string"!=typeof e&&(n=e,e="fx",r--),r>arguments.length?x.queue(this[0],e):n===t?this:this.each(function(){var t=x.queue(this,e,n);x._queueHooks(this,e),"fx"===e&&"inprogress"!==t[0]&&x.dequeue(this,e)})},dequeue:function(e){return this.each(function(){x.dequeue(this,e)})},delay:function(e,t){return e=x.fx?x.fx.speeds[e]||e:e,t=t||"fx",this.queue(t,function(t,n){var r=setTimeout(t,e);n.stop=function(){clearTimeout(r)}})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,n){var r,i=1,o=x.Deferred(),a=this,s=this.length,l=function(){--i||o.resolveWith(a,[a])};"string"!=typeof e&&(n=e,e=t),e=e||"fx";while(s--)r=x._data(a[s],e+"queueHooks"),r&&r.empty&&(i++,r.empty.add(l));return l(),o.promise(n)}});var z,X,U=/[\t\r\n\f]/g,V=/\r/g,Y=/^(?:input|select|textarea|button|object)$/i,J=/^(?:a|area)$/i,G=/^(?:checked|selected)$/i,Q=x.support.getSetAttribute,K=x.support.input;x.fn.extend({attr:function(e,t){return x.access(this,x.attr,e,t,arguments.length>1)},removeAttr:function(e){return this.each(function(){x.removeAttr(this,e)})},prop:function(e,t){return x.access(this,x.prop,e,t,arguments.length>1)},removeProp:function(e){return e=x.propFix[e]||e,this.each(function(){try{this[e]=t,delete this[e]}catch(n){}})},addClass:function(e){var t,n,r,i,o,a=0,s=this.length,l="string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).addClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):" ")){o=0;while(i=t[o++])0>r.indexOf(" "+i+" ")&&(r+=i+" ");n.className=x.trim(r)}return this},removeClass:function(e){var t,n,r,i,o,a=0,s=this.length,l=0===arguments.length||"string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).removeClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):"")){o=0;while(i=t[o++])while(r.indexOf(" "+i+" ")>=0)r=r.replace(" "+i+" "," ");n.className=e?x.trim(r):""}return this},toggleClass:function(e,t){var n=typeof e;return"boolean"==typeof t&&"string"===n?t?this.addClass(e):this.removeClass(e):x.isFunction(e)?this.each(function(n){x(this).toggleClass(e.call(this,n,this.className,t),t)}):this.each(function(){if("string"===n){var t,r=0,o=x(this),a=e.match(T)||[];while(t=a[r++])o.hasClass(t)?o.removeClass(t):o.addClass(t)}else(n===i||"boolean"===n)&&(this.className&&x._data(this,"__className__",this.className),this.className=this.className||e===!1?"":x._data(this,"__className__")||"")})},hasClass:function(e){var t=" "+e+" ",n=0,r=this.length;for(;r>n;n++)if(1===this[n].nodeType&&(" "+this[n].className+" ").replace(U," ").indexOf(t)>=0)return!0;return!1},val:function(e){var n,r,i,o=this[0];{if(arguments.length)return i=x.isFunction(e),this.each(function(n){var o;1===this.nodeType&&(o=i?e.call(this,n,x(this).val()):e,null==o?o="":"number"==typeof o?o+="":x.isArray(o)&&(o=x.map(o,function(e){return null==e?"":e+""})),r=x.valHooks[this.type]||x.valHooks[this.nodeName.toLowerCase()],r&&"set"in r&&r.set(this,o,"value")!==t||(this.value=o))});if(o)return r=x.valHooks[o.type]||x.valHooks[o.nodeName.toLowerCase()],r&&"get"in r&&(n=r.get(o,"value"))!==t?n:(n=o.value,"string"==typeof n?n.replace(V,""):null==n?"":n)}}}),x.extend({valHooks:{option:{get:function(e){var t=x.find.attr(e,"value");return null!=t?t:e.text}},select:{get:function(e){var t,n,r=e.options,i=e.selectedIndex,o="select-one"===e.type||0>i,a=o?null:[],s=o?i+1:r.length,l=0>i?s:o?i:0;for(;s>l;l++)if(n=r[l],!(!n.selected&&l!==i||(x.support.optDisabled?n.disabled:null!==n.getAttribute("disabled"))||n.parentNode.disabled&&x.nodeName(n.parentNode,"optgroup"))){if(t=x(n).val(),o)return t;a.push(t)}return a},set:function(e,t){var n,r,i=e.options,o=x.makeArray(t),a=i.length;while(a--)r=i[a],(r.selected=x.inArray(x(r).val(),o)>=0)&&(n=!0);return n||(e.selectedIndex=-1),o}}},attr:function(e,n,r){var o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return typeof e.getAttribute===i?x.prop(e,n,r):(1===s&&x.isXMLDoc(e)||(n=n.toLowerCase(),o=x.attrHooks[n]||(x.expr.match.bool.test(n)?X:z)),r===t?o&&"get"in o&&null!==(a=o.get(e,n))?a:(a=x.find.attr(e,n),null==a?t:a):null!==r?o&&"set"in o&&(a=o.set(e,r,n))!==t?a:(e.setAttribute(n,r+""),r):(x.removeAttr(e,n),t))},removeAttr:function(e,t){var n,r,i=0,o=t&&t.match(T);if(o&&1===e.nodeType)while(n=o[i++])r=x.propFix[n]||n,x.expr.match.bool.test(n)?K&&Q||!G.test(n)?e[r]=!1:e[x.camelCase("default-"+n)]=e[r]=!1:x.attr(e,n,""),e.removeAttribute(Q?n:r)},attrHooks:{type:{set:function(e,t){if(!x.support.radioValue&&"radio"===t&&x.nodeName(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},propFix:{"for":"htmlFor","class":"className"},prop:function(e,n,r){var i,o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return a=1!==s||!x.isXMLDoc(e),a&&(n=x.propFix[n]||n,o=x.propHooks[n]),r!==t?o&&"set"in o&&(i=o.set(e,r,n))!==t?i:e[n]=r:o&&"get"in o&&null!==(i=o.get(e,n))?i:e[n]},propHooks:{tabIndex:{get:function(e){var t=x.find.attr(e,"tabindex");return t?parseInt(t,10):Y.test(e.nodeName)||J.test(e.nodeName)&&e.href?0:-1}}}}),X={set:function(e,t,n){return t===!1?x.removeAttr(e,n):K&&Q||!G.test(n)?e.setAttribute(!Q&&x.propFix[n]||n,n):e[x.camelCase("default-"+n)]=e[n]=!0,n}},x.each(x.expr.match.bool.source.match(/\w+/g),function(e,n){var r=x.expr.attrHandle[n]||x.find.attr;x.expr.attrHandle[n]=K&&Q||!G.test(n)?function(e,n,i){var o=x.expr.attrHandle[n],a=i?t:(x.expr.attrHandle[n]=t)!=r(e,n,i)?n.toLowerCase():null;return x.expr.attrHandle[n]=o,a}:function(e,n,r){return r?t:e[x.camelCase("default-"+n)]?n.toLowerCase():null}}),K&&Q||(x.attrHooks.value={set:function(e,n,r){return x.nodeName(e,"input")?(e.defaultValue=n,t):z&&z.set(e,n,r)}}),Q||(z={set:function(e,n,r){var i=e.getAttributeNode(r);return i||e.setAttributeNode(i=e.ownerDocument.createAttribute(r)),i.value=n+="","value"===r||n===e.getAttribute(r)?n:t}},x.expr.attrHandle.id=x.expr.attrHandle.name=x.expr.attrHandle.coords=function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&""!==i.value?i.value:null},x.valHooks.button={get:function(e,n){var r=e.getAttributeNode(n);return r&&r.specified?r.value:t},set:z.set},x.attrHooks.contenteditable={set:function(e,t,n){z.set(e,""===t?!1:t,n)}},x.each(["width","height"],function(e,n){x.attrHooks[n]={set:function(e,r){return""===r?(e.setAttribute(n,"auto"),r):t}}})),x.support.hrefNormalized||x.each(["href","src"],function(e,t){x.propHooks[t]={get:function(e){return e.getAttribute(t,4)}}}),x.support.style||(x.attrHooks.style={get:function(e){return e.style.cssText||t},set:function(e,t){return e.style.cssText=t+""}}),x.support.optSelected||(x.propHooks.selected={get:function(e){var t=e.parentNode;return t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex),null}}),x.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){x.propFix[this.toLowerCase()]=this}),x.support.enctype||(x.propFix.enctype="encoding"),x.each(["radio","checkbox"],function(){x.valHooks[this]={set:function(e,n){return x.isArray(n)?e.checked=x.inArray(x(e).val(),n)>=0:t}},x.support.checkOn||(x.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})});var Z=/^(?:input|select|textarea)$/i,et=/^key/,tt=/^(?:mouse|contextmenu)|click/,nt=/^(?:focusinfocus|focusoutblur)$/,rt=/^([^.]*)(?:\.(.+)|)$/;function it(){return!0}function ot(){return!1}function at(){try{return a.activeElement}catch(e){}}x.event={global:{},add:function(e,n,r,o,a){var s,l,u,c,p,f,d,h,g,m,y,v=x._data(e);if(v){r.handler&&(c=r,r=c.handler,a=c.selector),r.guid||(r.guid=x.guid++),(l=v.events)||(l=v.events={}),(f=v.handle)||(f=v.handle=function(e){return typeof x===i||e&&x.event.triggered===e.type?t:x.event.dispatch.apply(f.elem,arguments)},f.elem=e),n=(n||"").match(T)||[""],u=n.length;while(u--)s=rt.exec(n[u])||[],g=y=s[1],m=(s[2]||"").split(".").sort(),g&&(p=x.event.special[g]||{},g=(a?p.delegateType:p.bindType)||g,p=x.event.special[g]||{},d=x.extend({type:g,origType:y,data:o,handler:r,guid:r.guid,selector:a,needsContext:a&&x.expr.match.needsContext.test(a),namespace:m.join(".")},c),(h=l[g])||(h=l[g]=[],h.delegateCount=0,p.setup&&p.setup.call(e,o,m,f)!==!1||(e.addEventListener?e.addEventListener(g,f,!1):e.attachEvent&&e.attachEvent("on"+g,f))),p.add&&(p.add.call(e,d),d.handler.guid||(d.handler.guid=r.guid)),a?h.splice(h.delegateCount++,0,d):h.push(d),x.event.global[g]=!0);e=null}},remove:function(e,t,n,r,i){var o,a,s,l,u,c,p,f,d,h,g,m=x.hasData(e)&&x._data(e);if(m&&(c=m.events)){t=(t||"").match(T)||[""],u=t.length;while(u--)if(s=rt.exec(t[u])||[],d=g=s[1],h=(s[2]||"").split(".").sort(),d){p=x.event.special[d]||{},d=(r?p.delegateType:p.bindType)||d,f=c[d]||[],s=s[2]&&RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),l=o=f.length;while(o--)a=f[o],!i&&g!==a.origType||n&&n.guid!==a.guid||s&&!s.test(a.namespace)||r&&r!==a.selector&&("**"!==r||!a.selector)||(f.splice(o,1),a.selector&&f.delegateCount--,p.remove&&p.remove.call(e,a));l&&!f.length&&(p.teardown&&p.teardown.call(e,h,m.handle)!==!1||x.removeEvent(e,d,m.handle),delete c[d])}else for(d in c)x.event.remove(e,d+t[u],n,r,!0);x.isEmptyObject(c)&&(delete m.handle,x._removeData(e,"events"))}},trigger:function(n,r,i,o){var s,l,u,c,p,f,d,h=[i||a],g=v.call(n,"type")?n.type:n,m=v.call(n,"namespace")?n.namespace.split("."):[];if(u=f=i=i||a,3!==i.nodeType&&8!==i.nodeType&&!nt.test(g+x.event.triggered)&&(g.indexOf(".")>=0&&(m=g.split("."),g=m.shift(),m.sort()),l=0>g.indexOf(":")&&"on"+g,n=n[x.expando]?n:new x.Event(g,"object"==typeof n&&n),n.isTrigger=o?2:3,n.namespace=m.join("."),n.namespace_re=n.namespace?RegExp("(^|\\.)"+m.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,n.result=t,n.target||(n.target=i),r=null==r?[n]:x.makeArray(r,[n]),p=x.event.special[g]||{},o||!p.trigger||p.trigger.apply(i,r)!==!1)){if(!o&&!p.noBubble&&!x.isWindow(i)){for(c=p.delegateType||g,nt.test(c+g)||(u=u.parentNode);u;u=u.parentNode)h.push(u),f=u;f===(i.ownerDocument||a)&&h.push(f.defaultView||f.parentWindow||e)}d=0;while((u=h[d++])&&!n.isPropagationStopped())n.type=d>1?c:p.bindType||g,s=(x._data(u,"events")||{})[n.type]&&x._data(u,"handle"),s&&s.apply(u,r),s=l&&u[l],s&&x.acceptData(u)&&s.apply&&s.apply(u,r)===!1&&n.preventDefault();if(n.type=g,!o&&!n.isDefaultPrevented()&&(!p._default||p._default.apply(h.pop(),r)===!1)&&x.acceptData(i)&&l&&i[g]&&!x.isWindow(i)){f=i[l],f&&(i[l]=null),x.event.triggered=g;try{i[g]()}catch(y){}x.event.triggered=t,f&&(i[l]=f)}return n.result}},dispatch:function(e){e=x.event.fix(e);var n,r,i,o,a,s=[],l=g.call(arguments),u=(x._data(this,"events")||{})[e.type]||[],c=x.event.special[e.type]||{};if(l[0]=e,e.delegateTarget=this,!c.preDispatch||c.preDispatch.call(this,e)!==!1){s=x.event.handlers.call(this,e,u),n=0;while((o=s[n++])&&!e.isPropagationStopped()){e.currentTarget=o.elem,a=0;while((i=o.handlers[a++])&&!e.isImmediatePropagationStopped())(!e.namespace_re||e.namespace_re.test(i.namespace))&&(e.handleObj=i,e.data=i.data,r=((x.event.special[i.origType]||{}).handle||i.handler).apply(o.elem,l),r!==t&&(e.result=r)===!1&&(e.preventDefault(),e.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,e),e.result}},handlers:function(e,n){var r,i,o,a,s=[],l=n.delegateCount,u=e.target;if(l&&u.nodeType&&(!e.button||"click"!==e.type))for(;u!=this;u=u.parentNode||this)if(1===u.nodeType&&(u.disabled!==!0||"click"!==e.type)){for(o=[],a=0;l>a;a++)i=n[a],r=i.selector+" ",o[r]===t&&(o[r]=i.needsContext?x(r,this).index(u)>=0:x.find(r,this,null,[u]).length),o[r]&&o.push(i);o.length&&s.push({elem:u,handlers:o})}return n.length>l&&s.push({elem:this,handlers:n.slice(l)}),s},fix:function(e){if(e[x.expando])return e;var t,n,r,i=e.type,o=e,s=this.fixHooks[i];s||(this.fixHooks[i]=s=tt.test(i)?this.mouseHooks:et.test(i)?this.keyHooks:{}),r=s.props?this.props.concat(s.props):this.props,e=new x.Event(o),t=r.length;while(t--)n=r[t],e[n]=o[n];return e.target||(e.target=o.srcElement||a),3===e.target.nodeType&&(e.target=e.target.parentNode),e.metaKey=!!e.metaKey,s.filter?s.filter(e,o):e},props:"altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(e,t){return null==e.which&&(e.which=null!=t.charCode?t.charCode:t.keyCode),e}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(e,n){var r,i,o,s=n.button,l=n.fromElement;return null==e.pageX&&null!=n.clientX&&(i=e.target.ownerDocument||a,o=i.documentElement,r=i.body,e.pageX=n.clientX+(o&&o.scrollLeft||r&&r.scrollLeft||0)-(o&&o.clientLeft||r&&r.clientLeft||0),e.pageY=n.clientY+(o&&o.scrollTop||r&&r.scrollTop||0)-(o&&o.clientTop||r&&r.clientTop||0)),!e.relatedTarget&&l&&(e.relatedTarget=l===e.target?n.toElement:l),e.which||s===t||(e.which=1&s?1:2&s?3:4&s?2:0),e}},special:{load:{noBubble:!0},focus:{trigger:function(){if(this!==at()&&this.focus)try{return this.focus(),!1}catch(e){}},delegateType:"focusin"},blur:{trigger:function(){return this===at()&&this.blur?(this.blur(),!1):t},delegateType:"focusout"},click:{trigger:function(){return x.nodeName(this,"input")&&"checkbox"===this.type&&this.click?(this.click(),!1):t},_default:function(e){return x.nodeName(e.target,"a")}},beforeunload:{postDispatch:function(e){e.result!==t&&(e.originalEvent.returnValue=e.result)}}},simulate:function(e,t,n,r){var i=x.extend(new x.Event,n,{type:e,isSimulated:!0,originalEvent:{}});r?x.event.trigger(i,null,t):x.event.dispatch.call(t,i),i.isDefaultPrevented()&&n.preventDefault()}},x.removeEvent=a.removeEventListener?function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n,!1)}:function(e,t,n){var r="on"+t;e.detachEvent&&(typeof e[r]===i&&(e[r]=null),e.detachEvent(r,n))},x.Event=function(e,n){return this instanceof x.Event?(e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||e.returnValue===!1||e.getPreventDefault&&e.getPreventDefault()?it:ot):this.type=e,n&&x.extend(this,n),this.timeStamp=e&&e.timeStamp||x.now(),this[x.expando]=!0,t):new x.Event(e,n)},x.Event.prototype={isDefaultPrevented:ot,isPropagationStopped:ot,isImmediatePropagationStopped:ot,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=it,e&&(e.preventDefault?e.preventDefault():e.returnValue=!1)},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=it,e&&(e.stopPropagation&&e.stopPropagation(),e.cancelBubble=!0)},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=it,this.stopPropagation()}},x.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(e,t){x.event.special[e]={delegateType:t,bindType:t,handle:function(e){var n,r=this,i=e.relatedTarget,o=e.handleObj;return(!i||i!==r&&!x.contains(r,i))&&(e.type=o.origType,n=o.handler.apply(this,arguments),e.type=t),n}}}),x.support.submitBubbles||(x.event.special.submit={setup:function(){return x.nodeName(this,"form")?!1:(x.event.add(this,"click._submit keypress._submit",function(e){var n=e.target,r=x.nodeName(n,"input")||x.nodeName(n,"button")?n.form:t;r&&!x._data(r,"submitBubbles")&&(x.event.add(r,"submit._submit",function(e){e._submit_bubble=!0}),x._data(r,"submitBubbles",!0))}),t)},postDispatch:function(e){e._submit_bubble&&(delete e._submit_bubble,this.parentNode&&!e.isTrigger&&x.event.simulate("submit",this.parentNode,e,!0))},teardown:function(){return x.nodeName(this,"form")?!1:(x.event.remove(this,"._submit"),t)}}),x.support.changeBubbles||(x.event.special.change={setup:function(){return Z.test(this.nodeName)?(("checkbox"===this.type||"radio"===this.type)&&(x.event.add(this,"propertychange._change",function(e){"checked"===e.originalEvent.propertyName&&(this._just_changed=!0)}),x.event.add(this,"click._change",function(e){this._just_changed&&!e.isTrigger&&(this._just_changed=!1),x.event.simulate("change",this,e,!0)})),!1):(x.event.add(this,"beforeactivate._change",function(e){var t=e.target;Z.test(t.nodeName)&&!x._data(t,"changeBubbles")&&(x.event.add(t,"change._change",function(e){!this.parentNode||e.isSimulated||e.isTrigger||x.event.simulate("change",this.parentNode,e,!0)}),x._data(t,"changeBubbles",!0))}),t)},handle:function(e){var n=e.target;return this!==n||e.isSimulated||e.isTrigger||"radio"!==n.type&&"checkbox"!==n.type?e.handleObj.handler.apply(this,arguments):t},teardown:function(){return x.event.remove(this,"._change"),!Z.test(this.nodeName)}}),x.support.focusinBubbles||x.each({focus:"focusin",blur:"focusout"},function(e,t){var n=0,r=function(e){x.event.simulate(t,e.target,x.event.fix(e),!0)};x.event.special[t]={setup:function(){0===n++&&a.addEventListener(e,r,!0)},teardown:function(){0===--n&&a.removeEventListener(e,r,!0)}}}),x.fn.extend({on:function(e,n,r,i,o){var a,s;if("object"==typeof e){"string"!=typeof n&&(r=r||n,n=t);for(a in e)this.on(a,n,r,e[a],o);return this}if(null==r&&null==i?(i=n,r=n=t):null==i&&("string"==typeof n?(i=r,r=t):(i=r,r=n,n=t)),i===!1)i=ot;else if(!i)return this;return 1===o&&(s=i,i=function(e){return x().off(e),s.apply(this,arguments)},i.guid=s.guid||(s.guid=x.guid++)),this.each(function(){x.event.add(this,e,i,r,n)})},one:function(e,t,n,r){return this.on(e,t,n,r,1)},off:function(e,n,r){var i,o;if(e&&e.preventDefault&&e.handleObj)return i=e.handleObj,x(e.delegateTarget).off(i.namespace?i.origType+"."+i.namespace:i.origType,i.selector,i.handler),this;if("object"==typeof e){for(o in e)this.off(o,n,e[o]);return this}return(n===!1||"function"==typeof n)&&(r=n,n=t),r===!1&&(r=ot),this.each(function(){x.event.remove(this,e,r,n)})},trigger:function(e,t){return this.each(function(){x.event.trigger(e,t,this)})},triggerHandler:function(e,n){var r=this[0];return r?x.event.trigger(e,n,r,!0):t}});var st=/^.[^:#\[\.,]*$/,lt=/^(?:parents|prev(?:Until|All))/,ut=x.expr.match.needsContext,ct={children:!0,contents:!0,next:!0,prev:!0};x.fn.extend({find:function(e){var t,n=[],r=this,i=r.length;if("string"!=typeof e)return this.pushStack(x(e).filter(function(){for(t=0;i>t;t++)if(x.contains(r[t],this))return!0}));for(t=0;i>t;t++)x.find(e,r[t],n);return n=this.pushStack(i>1?x.unique(n):n),n.selector=this.selector?this.selector+" "+e:e,n},has:function(e){var t,n=x(e,this),r=n.length;return this.filter(function(){for(t=0;r>t;t++)if(x.contains(this,n[t]))return!0})},not:function(e){return this.pushStack(ft(this,e||[],!0))},filter:function(e){return this.pushStack(ft(this,e||[],!1))},is:function(e){return!!ft(this,"string"==typeof e&&ut.test(e)?x(e):e||[],!1).length},closest:function(e,t){var n,r=0,i=this.length,o=[],a=ut.test(e)||"string"!=typeof e?x(e,t||this.context):0;for(;i>r;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(11>n.nodeType&&(a?a.index(n)>-1:1===n.nodeType&&x.find.matchesSelector(n,e))){n=o.push(n);break}return this.pushStack(o.length>1?x.unique(o):o)},index:function(e){return e?"string"==typeof e?x.inArray(this[0],x(e)):x.inArray(e.jquery?e[0]:e,this):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){var n="string"==typeof e?x(e,t):x.makeArray(e&&e.nodeType?[e]:e),r=x.merge(this.get(),n);return this.pushStack(x.unique(r))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}});function pt(e,t){do e=e[t];while(e&&1!==e.nodeType);return e}x.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return x.dir(e,"parentNode")},parentsUntil:function(e,t,n){return x.dir(e,"parentNode",n)},next:function(e){return pt(e,"nextSibling")},prev:function(e){return pt(e,"previousSibling")},nextAll:function(e){return x.dir(e,"nextSibling")},prevAll:function(e){return x.dir(e,"previousSibling")},nextUntil:function(e,t,n){return x.dir(e,"nextSibling",n)},prevUntil:function(e,t,n){return x.dir(e,"previousSibling",n)},siblings:function(e){return x.sibling((e.parentNode||{}).firstChild,e)},children:function(e){return x.sibling(e.firstChild)},contents:function(e){return x.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:x.merge([],e.childNodes)}},function(e,t){x.fn[e]=function(n,r){var i=x.map(this,t,n);return"Until"!==e.slice(-5)&&(r=n),r&&"string"==typeof r&&(i=x.filter(r,i)),this.length>1&&(ct[e]||(i=x.unique(i)),lt.test(e)&&(i=i.reverse())),this.pushStack(i)}}),x.extend({filter:function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?x.find.matchesSelector(r,e)?[r]:[]:x.find.matches(e,x.grep(t,function(e){return 1===e.nodeType}))},dir:function(e,n,r){var i=[],o=e[n];while(o&&9!==o.nodeType&&(r===t||1!==o.nodeType||!x(o).is(r)))1===o.nodeType&&i.push(o),o=o[n];return i},sibling:function(e,t){var n=[];for(;e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n}});function ft(e,t,n){if(x.isFunction(t))return x.grep(e,function(e,r){return!!t.call(e,r,e)!==n});if(t.nodeType)return x.grep(e,function(e){return e===t!==n});if("string"==typeof t){if(st.test(t))return x.filter(t,e,n);t=x.filter(t,e)}return x.grep(e,function(e){return x.inArray(e,t)>=0!==n})}function dt(e){var t=ht.split("|"),n=e.createDocumentFragment();if(n.createElement)while(t.length)n.createElement(t.pop());return n}var ht="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",gt=/ jQuery\d+="(?:null|\d+)"/g,mt=RegExp("<(?:"+ht+")[\\s/>]","i"),yt=/^\s+/,vt=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,bt=/<([\w:]+)/,xt=/<tbody/i,wt=/<|&#?\w+;/,Tt=/<(?:script|style|link)/i,Ct=/^(?:checkbox|radio)$/i,Nt=/checked\s*(?:[^=]|=\s*.checked.)/i,kt=/^$|\/(?:java|ecma)script/i,Et=/^true\/(.*)/,St=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g,At={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],area:[1,"<map>","</map>"],param:[1,"<object>","</object>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:x.support.htmlSerialize?[0,"",""]:[1,"X<div>","</div>"]},jt=dt(a),Dt=jt.appendChild(a.createElement("div"));At.optgroup=At.option,At.tbody=At.tfoot=At.colgroup=At.caption=At.thead,At.th=At.td,x.fn.extend({text:function(e){return x.access(this,function(e){return e===t?x.text(this):this.empty().append((this[0]&&this[0].ownerDocument||a).createTextNode(e))},null,e,arguments.length)},append:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.appendChild(e)}})},prepend:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},remove:function(e,t){var n,r=e?x.filter(e,this):this,i=0;for(;null!=(n=r[i]);i++)t||1!==n.nodeType||x.cleanData(Ft(n)),n.parentNode&&(t&&x.contains(n.ownerDocument,n)&&_t(Ft(n,"script")),n.parentNode.removeChild(n));return this},empty:function(){var e,t=0;for(;null!=(e=this[t]);t++){1===e.nodeType&&x.cleanData(Ft(e,!1));while(e.firstChild)e.removeChild(e.firstChild);e.options&&x.nodeName(e,"select")&&(e.options.length=0)}return this},clone:function(e,t){return e=null==e?!1:e,t=null==t?e:t,this.map(function(){return x.clone(this,e,t)})},html:function(e){return x.access(this,function(e){var n=this[0]||{},r=0,i=this.length;if(e===t)return 1===n.nodeType?n.innerHTML.replace(gt,""):t;if(!("string"!=typeof e||Tt.test(e)||!x.support.htmlSerialize&&mt.test(e)||!x.support.leadingWhitespace&&yt.test(e)||At[(bt.exec(e)||["",""])[1].toLowerCase()])){e=e.replace(vt,"<$1></$2>");try{for(;i>r;r++)n=this[r]||{},1===n.nodeType&&(x.cleanData(Ft(n,!1)),n.innerHTML=e);n=0}catch(o){}}n&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var e=x.map(this,function(e){return[e.nextSibling,e.parentNode]}),t=0;return this.domManip(arguments,function(n){var r=e[t++],i=e[t++];i&&(r&&r.parentNode!==i&&(r=this.nextSibling),x(this).remove(),i.insertBefore(n,r))},!0),t?this:this.remove()},detach:function(e){return this.remove(e,!0)},domManip:function(e,t,n){e=d.apply([],e);var r,i,o,a,s,l,u=0,c=this.length,p=this,f=c-1,h=e[0],g=x.isFunction(h);if(g||!(1>=c||"string"!=typeof h||x.support.checkClone)&&Nt.test(h))return this.each(function(r){var i=p.eq(r);g&&(e[0]=h.call(this,r,i.html())),i.domManip(e,t,n)});if(c&&(l=x.buildFragment(e,this[0].ownerDocument,!1,!n&&this),r=l.firstChild,1===l.childNodes.length&&(l=r),r)){for(a=x.map(Ft(l,"script"),Ht),o=a.length;c>u;u++)i=l,u!==f&&(i=x.clone(i,!0,!0),o&&x.merge(a,Ft(i,"script"))),t.call(this[u],i,u);if(o)for(s=a[a.length-1].ownerDocument,x.map(a,qt),u=0;o>u;u++)i=a[u],kt.test(i.type||"")&&!x._data(i,"globalEval")&&x.contains(s,i)&&(i.src?x._evalUrl(i.src):x.globalEval((i.text||i.textContent||i.innerHTML||"").replace(St,"")));l=r=null}return this}});function Lt(e,t){return x.nodeName(e,"table")&&x.nodeName(1===t.nodeType?t:t.firstChild,"tr")?e.getElementsByTagName("tbody")[0]||e.appendChild(e.ownerDocument.createElement("tbody")):e}function Ht(e){return e.type=(null!==x.find.attr(e,"type"))+"/"+e.type,e}function qt(e){var t=Et.exec(e.type);return t?e.type=t[1]:e.removeAttribute("type"),e}function _t(e,t){var n,r=0;for(;null!=(n=e[r]);r++)x._data(n,"globalEval",!t||x._data(t[r],"globalEval"))}function Mt(e,t){if(1===t.nodeType&&x.hasData(e)){var n,r,i,o=x._data(e),a=x._data(t,o),s=o.events;if(s){delete a.handle,a.events={};for(n in s)for(r=0,i=s[n].length;i>r;r++)x.event.add(t,n,s[n][r])}a.data&&(a.data=x.extend({},a.data))}}function Ot(e,t){var n,r,i;if(1===t.nodeType){if(n=t.nodeName.toLowerCase(),!x.support.noCloneEvent&&t[x.expando]){i=x._data(t);for(r in i.events)x.removeEvent(t,r,i.handle);t.removeAttribute(x.expando)}"script"===n&&t.text!==e.text?(Ht(t).text=e.text,qt(t)):"object"===n?(t.parentNode&&(t.outerHTML=e.outerHTML),x.support.html5Clone&&e.innerHTML&&!x.trim(t.innerHTML)&&(t.innerHTML=e.innerHTML)):"input"===n&&Ct.test(e.type)?(t.defaultChecked=t.checked=e.checked,t.value!==e.value&&(t.value=e.value)):"option"===n?t.defaultSelected=t.selected=e.defaultSelected:("input"===n||"textarea"===n)&&(t.defaultValue=e.defaultValue)}}x.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,t){x.fn[e]=function(e){var n,r=0,i=[],o=x(e),a=o.length-1;for(;a>=r;r++)n=r===a?this:this.clone(!0),x(o[r])[t](n),h.apply(i,n.get());return this.pushStack(i)}});function Ft(e,n){var r,o,a=0,s=typeof e.getElementsByTagName!==i?e.getElementsByTagName(n||"*"):typeof e.querySelectorAll!==i?e.querySelectorAll(n||"*"):t;if(!s)for(s=[],r=e.childNodes||e;null!=(o=r[a]);a++)!n||x.nodeName(o,n)?s.push(o):x.merge(s,Ft(o,n));return n===t||n&&x.nodeName(e,n)?x.merge([e],s):s}function Bt(e){Ct.test(e.type)&&(e.defaultChecked=e.checked)}x.extend({clone:function(e,t,n){var r,i,o,a,s,l=x.contains(e.ownerDocument,e);if(x.support.html5Clone||x.isXMLDoc(e)||!mt.test("<"+e.nodeName+">")?o=e.cloneNode(!0):(Dt.innerHTML=e.outerHTML,Dt.removeChild(o=Dt.firstChild)),!(x.support.noCloneEvent&&x.support.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||x.isXMLDoc(e)))for(r=Ft(o),s=Ft(e),a=0;null!=(i=s[a]);++a)r[a]&&Ot(i,r[a]);if(t)if(n)for(s=s||Ft(e),r=r||Ft(o),a=0;null!=(i=s[a]);a++)Mt(i,r[a]);else Mt(e,o);return r=Ft(o,"script"),r.length>0&&_t(r,!l&&Ft(e,"script")),r=s=i=null,o},buildFragment:function(e,t,n,r){var i,o,a,s,l,u,c,p=e.length,f=dt(t),d=[],h=0;for(;p>h;h++)if(o=e[h],o||0===o)if("object"===x.type(o))x.merge(d,o.nodeType?[o]:o);else if(wt.test(o)){s=s||f.appendChild(t.createElement("div")),l=(bt.exec(o)||["",""])[1].toLowerCase(),c=At[l]||At._default,s.innerHTML=c[1]+o.replace(vt,"<$1></$2>")+c[2],i=c[0];while(i--)s=s.lastChild;if(!x.support.leadingWhitespace&&yt.test(o)&&d.push(t.createTextNode(yt.exec(o)[0])),!x.support.tbody){o="table"!==l||xt.test(o)?"<table>"!==c[1]||xt.test(o)?0:s:s.firstChild,i=o&&o.childNodes.length;while(i--)x.nodeName(u=o.childNodes[i],"tbody")&&!u.childNodes.length&&o.removeChild(u)}x.merge(d,s.childNodes),s.textContent="";while(s.firstChild)s.removeChild(s.firstChild);s=f.lastChild}else d.push(t.createTextNode(o));s&&f.removeChild(s),x.support.appendChecked||x.grep(Ft(d,"input"),Bt),h=0;while(o=d[h++])if((!r||-1===x.inArray(o,r))&&(a=x.contains(o.ownerDocument,o),s=Ft(f.appendChild(o),"script"),a&&_t(s),n)){i=0;while(o=s[i++])kt.test(o.type||"")&&n.push(o)}return s=null,f},cleanData:function(e,t){var n,r,o,a,s=0,l=x.expando,u=x.cache,c=x.support.deleteExpando,f=x.event.special;for(;null!=(n=e[s]);s++)if((t||x.acceptData(n))&&(o=n[l],a=o&&u[o])){if(a.events)for(r in a.events)f[r]?x.event.remove(n,r):x.removeEvent(n,r,a.handle);
+u[o]&&(delete u[o],c?delete n[l]:typeof n.removeAttribute!==i?n.removeAttribute(l):n[l]=null,p.push(o))}},_evalUrl:function(e){return x.ajax({url:e,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0})}}),x.fn.extend({wrapAll:function(e){if(x.isFunction(e))return this.each(function(t){x(this).wrapAll(e.call(this,t))});if(this[0]){var t=x(e,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstChild&&1===e.firstChild.nodeType)e=e.firstChild;return e}).append(this)}return this},wrapInner:function(e){return x.isFunction(e)?this.each(function(t){x(this).wrapInner(e.call(this,t))}):this.each(function(){var t=x(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)})},wrap:function(e){var t=x.isFunction(e);return this.each(function(n){x(this).wrapAll(t?e.call(this,n):e)})},unwrap:function(){return this.parent().each(function(){x.nodeName(this,"body")||x(this).replaceWith(this.childNodes)}).end()}});var Pt,Rt,Wt,$t=/alpha\([^)]*\)/i,It=/opacity\s*=\s*([^)]*)/,zt=/^(top|right|bottom|left)$/,Xt=/^(none|table(?!-c[ea]).+)/,Ut=/^margin/,Vt=RegExp("^("+w+")(.*)$","i"),Yt=RegExp("^("+w+")(?!px)[a-z%]+$","i"),Jt=RegExp("^([+-])=("+w+")","i"),Gt={BODY:"block"},Qt={position:"absolute",visibility:"hidden",display:"block"},Kt={letterSpacing:0,fontWeight:400},Zt=["Top","Right","Bottom","Left"],en=["Webkit","O","Moz","ms"];function tn(e,t){if(t in e)return t;var n=t.charAt(0).toUpperCase()+t.slice(1),r=t,i=en.length;while(i--)if(t=en[i]+n,t in e)return t;return r}function nn(e,t){return e=t||e,"none"===x.css(e,"display")||!x.contains(e.ownerDocument,e)}function rn(e,t){var n,r,i,o=[],a=0,s=e.length;for(;s>a;a++)r=e[a],r.style&&(o[a]=x._data(r,"olddisplay"),n=r.style.display,t?(o[a]||"none"!==n||(r.style.display=""),""===r.style.display&&nn(r)&&(o[a]=x._data(r,"olddisplay",ln(r.nodeName)))):o[a]||(i=nn(r),(n&&"none"!==n||!i)&&x._data(r,"olddisplay",i?n:x.css(r,"display"))));for(a=0;s>a;a++)r=e[a],r.style&&(t&&"none"!==r.style.display&&""!==r.style.display||(r.style.display=t?o[a]||"":"none"));return e}x.fn.extend({css:function(e,n){return x.access(this,function(e,n,r){var i,o,a={},s=0;if(x.isArray(n)){for(o=Rt(e),i=n.length;i>s;s++)a[n[s]]=x.css(e,n[s],!1,o);return a}return r!==t?x.style(e,n,r):x.css(e,n)},e,n,arguments.length>1)},show:function(){return rn(this,!0)},hide:function(){return rn(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){nn(this)?x(this).show():x(this).hide()})}}),x.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Wt(e,"opacity");return""===n?"1":n}}}},cssNumber:{columnCount:!0,fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":x.support.cssFloat?"cssFloat":"styleFloat"},style:function(e,n,r,i){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var o,a,s,l=x.camelCase(n),u=e.style;if(n=x.cssProps[l]||(x.cssProps[l]=tn(u,l)),s=x.cssHooks[n]||x.cssHooks[l],r===t)return s&&"get"in s&&(o=s.get(e,!1,i))!==t?o:u[n];if(a=typeof r,"string"===a&&(o=Jt.exec(r))&&(r=(o[1]+1)*o[2]+parseFloat(x.css(e,n)),a="number"),!(null==r||"number"===a&&isNaN(r)||("number"!==a||x.cssNumber[l]||(r+="px"),x.support.clearCloneStyle||""!==r||0!==n.indexOf("background")||(u[n]="inherit"),s&&"set"in s&&(r=s.set(e,r,i))===t)))try{u[n]=r}catch(c){}}},css:function(e,n,r,i){var o,a,s,l=x.camelCase(n);return n=x.cssProps[l]||(x.cssProps[l]=tn(e.style,l)),s=x.cssHooks[n]||x.cssHooks[l],s&&"get"in s&&(a=s.get(e,!0,r)),a===t&&(a=Wt(e,n,i)),"normal"===a&&n in Kt&&(a=Kt[n]),""===r||r?(o=parseFloat(a),r===!0||x.isNumeric(o)?o||0:a):a}}),e.getComputedStyle?(Rt=function(t){return e.getComputedStyle(t,null)},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s.getPropertyValue(n)||s[n]:t,u=e.style;return s&&(""!==l||x.contains(e.ownerDocument,e)||(l=x.style(e,n)),Yt.test(l)&&Ut.test(n)&&(i=u.width,o=u.minWidth,a=u.maxWidth,u.minWidth=u.maxWidth=u.width=l,l=s.width,u.width=i,u.minWidth=o,u.maxWidth=a)),l}):a.documentElement.currentStyle&&(Rt=function(e){return e.currentStyle},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s[n]:t,u=e.style;return null==l&&u&&u[n]&&(l=u[n]),Yt.test(l)&&!zt.test(n)&&(i=u.left,o=e.runtimeStyle,a=o&&o.left,a&&(o.left=e.currentStyle.left),u.left="fontSize"===n?"1em":l,l=u.pixelLeft+"px",u.left=i,a&&(o.left=a)),""===l?"auto":l});function on(e,t,n){var r=Vt.exec(t);return r?Math.max(0,r[1]-(n||0))+(r[2]||"px"):t}function an(e,t,n,r,i){var o=n===(r?"border":"content")?4:"width"===t?1:0,a=0;for(;4>o;o+=2)"margin"===n&&(a+=x.css(e,n+Zt[o],!0,i)),r?("content"===n&&(a-=x.css(e,"padding"+Zt[o],!0,i)),"margin"!==n&&(a-=x.css(e,"border"+Zt[o]+"Width",!0,i))):(a+=x.css(e,"padding"+Zt[o],!0,i),"padding"!==n&&(a+=x.css(e,"border"+Zt[o]+"Width",!0,i)));return a}function sn(e,t,n){var r=!0,i="width"===t?e.offsetWidth:e.offsetHeight,o=Rt(e),a=x.support.boxSizing&&"border-box"===x.css(e,"boxSizing",!1,o);if(0>=i||null==i){if(i=Wt(e,t,o),(0>i||null==i)&&(i=e.style[t]),Yt.test(i))return i;r=a&&(x.support.boxSizingReliable||i===e.style[t]),i=parseFloat(i)||0}return i+an(e,t,n||(a?"border":"content"),r,o)+"px"}function ln(e){var t=a,n=Gt[e];return n||(n=un(e,t),"none"!==n&&n||(Pt=(Pt||x("<iframe frameborder='0' width='0' height='0'/>").css("cssText","display:block !important")).appendTo(t.documentElement),t=(Pt[0].contentWindow||Pt[0].contentDocument).document,t.write("<!doctype html><html><body>"),t.close(),n=un(e,t),Pt.detach()),Gt[e]=n),n}function un(e,t){var n=x(t.createElement(e)).appendTo(t.body),r=x.css(n[0],"display");return n.remove(),r}x.each(["height","width"],function(e,n){x.cssHooks[n]={get:function(e,r,i){return r?0===e.offsetWidth&&Xt.test(x.css(e,"display"))?x.swap(e,Qt,function(){return sn(e,n,i)}):sn(e,n,i):t},set:function(e,t,r){var i=r&&Rt(e);return on(e,t,r?an(e,n,r,x.support.boxSizing&&"border-box"===x.css(e,"boxSizing",!1,i),i):0)}}}),x.support.opacity||(x.cssHooks.opacity={get:function(e,t){return It.test((t&&e.currentStyle?e.currentStyle.filter:e.style.filter)||"")?.01*parseFloat(RegExp.$1)+"":t?"1":""},set:function(e,t){var n=e.style,r=e.currentStyle,i=x.isNumeric(t)?"alpha(opacity="+100*t+")":"",o=r&&r.filter||n.filter||"";n.zoom=1,(t>=1||""===t)&&""===x.trim(o.replace($t,""))&&n.removeAttribute&&(n.removeAttribute("filter"),""===t||r&&!r.filter)||(n.filter=$t.test(o)?o.replace($t,i):o+" "+i)}}),x(function(){x.support.reliableMarginRight||(x.cssHooks.marginRight={get:function(e,n){return n?x.swap(e,{display:"inline-block"},Wt,[e,"marginRight"]):t}}),!x.support.pixelPosition&&x.fn.position&&x.each(["top","left"],function(e,n){x.cssHooks[n]={get:function(e,r){return r?(r=Wt(e,n),Yt.test(r)?x(e).position()[n]+"px":r):t}}})}),x.expr&&x.expr.filters&&(x.expr.filters.hidden=function(e){return 0>=e.offsetWidth&&0>=e.offsetHeight||!x.support.reliableHiddenOffsets&&"none"===(e.style&&e.style.display||x.css(e,"display"))},x.expr.filters.visible=function(e){return!x.expr.filters.hidden(e)}),x.each({margin:"",padding:"",border:"Width"},function(e,t){x.cssHooks[e+t]={expand:function(n){var r=0,i={},o="string"==typeof n?n.split(" "):[n];for(;4>r;r++)i[e+Zt[r]+t]=o[r]||o[r-2]||o[0];return i}},Ut.test(e)||(x.cssHooks[e+t].set=on)});var cn=/%20/g,pn=/\[\]$/,fn=/\r?\n/g,dn=/^(?:submit|button|image|reset|file)$/i,hn=/^(?:input|select|textarea|keygen)/i;x.fn.extend({serialize:function(){return x.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=x.prop(this,"elements");return e?x.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!x(this).is(":disabled")&&hn.test(this.nodeName)&&!dn.test(e)&&(this.checked||!Ct.test(e))}).map(function(e,t){var n=x(this).val();return null==n?null:x.isArray(n)?x.map(n,function(e){return{name:t.name,value:e.replace(fn,"\r\n")}}):{name:t.name,value:n.replace(fn,"\r\n")}}).get()}}),x.param=function(e,n){var r,i=[],o=function(e,t){t=x.isFunction(t)?t():null==t?"":t,i[i.length]=encodeURIComponent(e)+"="+encodeURIComponent(t)};if(n===t&&(n=x.ajaxSettings&&x.ajaxSettings.traditional),x.isArray(e)||e.jquery&&!x.isPlainObject(e))x.each(e,function(){o(this.name,this.value)});else for(r in e)gn(r,e[r],n,o);return i.join("&").replace(cn,"+")};function gn(e,t,n,r){var i;if(x.isArray(t))x.each(t,function(t,i){n||pn.test(e)?r(e,i):gn(e+"["+("object"==typeof i?t:"")+"]",i,n,r)});else if(n||"object"!==x.type(t))r(e,t);else for(i in t)gn(e+"["+i+"]",t[i],n,r)}x.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(e,t){x.fn[t]=function(e,n){return arguments.length>0?this.on(t,null,e,n):this.trigger(t)}}),x.fn.extend({hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)},bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)}});var mn,yn,vn=x.now(),bn=/\?/,xn=/#.*$/,wn=/([?&])_=[^&]*/,Tn=/^(.*?):[ \t]*([^\r\n]*)\r?$/gm,Cn=/^(?:about|app|app-storage|.+-extension|file|res|widget):$/,Nn=/^(?:GET|HEAD)$/,kn=/^\/\//,En=/^([\w.+-]+:)(?:\/\/([^\/?#:]*)(?::(\d+)|)|)/,Sn=x.fn.load,An={},jn={},Dn="*/".concat("*");try{yn=o.href}catch(Ln){yn=a.createElement("a"),yn.href="",yn=yn.href}mn=En.exec(yn.toLowerCase())||[];function Hn(e){return function(t,n){"string"!=typeof t&&(n=t,t="*");var r,i=0,o=t.toLowerCase().match(T)||[];if(x.isFunction(n))while(r=o[i++])"+"===r[0]?(r=r.slice(1)||"*",(e[r]=e[r]||[]).unshift(n)):(e[r]=e[r]||[]).push(n)}}function qn(e,n,r,i){var o={},a=e===jn;function s(l){var u;return o[l]=!0,x.each(e[l]||[],function(e,l){var c=l(n,r,i);return"string"!=typeof c||a||o[c]?a?!(u=c):t:(n.dataTypes.unshift(c),s(c),!1)}),u}return s(n.dataTypes[0])||!o["*"]&&s("*")}function _n(e,n){var r,i,o=x.ajaxSettings.flatOptions||{};for(i in n)n[i]!==t&&((o[i]?e:r||(r={}))[i]=n[i]);return r&&x.extend(!0,e,r),e}x.fn.load=function(e,n,r){if("string"!=typeof e&&Sn)return Sn.apply(this,arguments);var i,o,a,s=this,l=e.indexOf(" ");return l>=0&&(i=e.slice(l,e.length),e=e.slice(0,l)),x.isFunction(n)?(r=n,n=t):n&&"object"==typeof n&&(a="POST"),s.length>0&&x.ajax({url:e,type:a,dataType:"html",data:n}).done(function(e){o=arguments,s.html(i?x("<div>").append(x.parseHTML(e)).find(i):e)}).complete(r&&function(e,t){s.each(r,o||[e.responseText,t,e])}),this},x.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){x.fn[t]=function(e){return this.on(t,e)}}),x.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:yn,type:"GET",isLocal:Cn.test(mn[1]),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":Dn,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":x.parseJSON,"text xml":x.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?_n(_n(e,x.ajaxSettings),t):_n(x.ajaxSettings,e)},ajaxPrefilter:Hn(An),ajaxTransport:Hn(jn),ajax:function(e,n){"object"==typeof e&&(n=e,e=t),n=n||{};var r,i,o,a,s,l,u,c,p=x.ajaxSetup({},n),f=p.context||p,d=p.context&&(f.nodeType||f.jquery)?x(f):x.event,h=x.Deferred(),g=x.Callbacks("once memory"),m=p.statusCode||{},y={},v={},b=0,w="canceled",C={readyState:0,getResponseHeader:function(e){var t;if(2===b){if(!c){c={};while(t=Tn.exec(a))c[t[1].toLowerCase()]=t[2]}t=c[e.toLowerCase()]}return null==t?null:t},getAllResponseHeaders:function(){return 2===b?a:null},setRequestHeader:function(e,t){var n=e.toLowerCase();return b||(e=v[n]=v[n]||e,y[e]=t),this},overrideMimeType:function(e){return b||(p.mimeType=e),this},statusCode:function(e){var t;if(e)if(2>b)for(t in e)m[t]=[m[t],e[t]];else C.always(e[C.status]);return this},abort:function(e){var t=e||w;return u&&u.abort(t),k(0,t),this}};if(h.promise(C).complete=g.add,C.success=C.done,C.error=C.fail,p.url=((e||p.url||yn)+"").replace(xn,"").replace(kn,mn[1]+"//"),p.type=n.method||n.type||p.method||p.type,p.dataTypes=x.trim(p.dataType||"*").toLowerCase().match(T)||[""],null==p.crossDomain&&(r=En.exec(p.url.toLowerCase()),p.crossDomain=!(!r||r[1]===mn[1]&&r[2]===mn[2]&&(r[3]||("http:"===r[1]?"80":"443"))===(mn[3]||("http:"===mn[1]?"80":"443")))),p.data&&p.processData&&"string"!=typeof p.data&&(p.data=x.param(p.data,p.traditional)),qn(An,p,n,C),2===b)return C;l=p.global,l&&0===x.active++&&x.event.trigger("ajaxStart"),p.type=p.type.toUpperCase(),p.hasContent=!Nn.test(p.type),o=p.url,p.hasContent||(p.data&&(o=p.url+=(bn.test(o)?"&":"?")+p.data,delete p.data),p.cache===!1&&(p.url=wn.test(o)?o.replace(wn,"$1_="+vn++):o+(bn.test(o)?"&":"?")+"_="+vn++)),p.ifModified&&(x.lastModified[o]&&C.setRequestHeader("If-Modified-Since",x.lastModified[o]),x.etag[o]&&C.setRequestHeader("If-None-Match",x.etag[o])),(p.data&&p.hasContent&&p.contentType!==!1||n.contentType)&&C.setRequestHeader("Content-Type",p.contentType),C.setRequestHeader("Accept",p.dataTypes[0]&&p.accepts[p.dataTypes[0]]?p.accepts[p.dataTypes[0]]+("*"!==p.dataTypes[0]?", "+Dn+"; q=0.01":""):p.accepts["*"]);for(i in p.headers)C.setRequestHeader(i,p.headers[i]);if(p.beforeSend&&(p.beforeSend.call(f,C,p)===!1||2===b))return C.abort();w="abort";for(i in{success:1,error:1,complete:1})C[i](p[i]);if(u=qn(jn,p,n,C)){C.readyState=1,l&&d.trigger("ajaxSend",[C,p]),p.async&&p.timeout>0&&(s=setTimeout(function(){C.abort("timeout")},p.timeout));try{b=1,u.send(y,k)}catch(N){if(!(2>b))throw N;k(-1,N)}}else k(-1,"No Transport");function k(e,n,r,i){var c,y,v,w,T,N=n;2!==b&&(b=2,s&&clearTimeout(s),u=t,a=i||"",C.readyState=e>0?4:0,c=e>=200&&300>e||304===e,r&&(w=Mn(p,C,r)),w=On(p,w,C,c),c?(p.ifModified&&(T=C.getResponseHeader("Last-Modified"),T&&(x.lastModified[o]=T),T=C.getResponseHeader("etag"),T&&(x.etag[o]=T)),204===e||"HEAD"===p.type?N="nocontent":304===e?N="notmodified":(N=w.state,y=w.data,v=w.error,c=!v)):(v=N,(e||!N)&&(N="error",0>e&&(e=0))),C.status=e,C.statusText=(n||N)+"",c?h.resolveWith(f,[y,N,C]):h.rejectWith(f,[C,N,v]),C.statusCode(m),m=t,l&&d.trigger(c?"ajaxSuccess":"ajaxError",[C,p,c?y:v]),g.fireWith(f,[C,N]),l&&(d.trigger("ajaxComplete",[C,p]),--x.active||x.event.trigger("ajaxStop")))}return C},getJSON:function(e,t,n){return x.get(e,t,n,"json")},getScript:function(e,n){return x.get(e,t,n,"script")}}),x.each(["get","post"],function(e,n){x[n]=function(e,r,i,o){return x.isFunction(r)&&(o=o||i,i=r,r=t),x.ajax({url:e,type:n,dataType:o,data:r,success:i})}});function Mn(e,n,r){var i,o,a,s,l=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),o===t&&(o=e.mimeType||n.getResponseHeader("Content-Type"));if(o)for(s in l)if(l[s]&&l[s].test(o)){u.unshift(s);break}if(u[0]in r)a=u[0];else{for(s in r){if(!u[0]||e.converters[s+" "+u[0]]){a=s;break}i||(i=s)}a=a||i}return a?(a!==u[0]&&u.unshift(a),r[a]):t}function On(e,t,n,r){var i,o,a,s,l,u={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)u[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!l&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),l=o,o=c.shift())if("*"===o)o=l;else if("*"!==l&&l!==o){if(a=u[l+" "+o]||u["* "+o],!a)for(i in u)if(s=i.split(" "),s[1]===o&&(a=u[l+" "+s[0]]||u["* "+s[0]])){a===!0?a=u[i]:u[i]!==!0&&(o=s[0],c.unshift(s[1]));break}if(a!==!0)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(p){return{state:"parsererror",error:a?p:"No conversion from "+l+" to "+o}}}return{state:"success",data:t}}x.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/(?:java|ecma)script/},converters:{"text script":function(e){return x.globalEval(e),e}}}),x.ajaxPrefilter("script",function(e){e.cache===t&&(e.cache=!1),e.crossDomain&&(e.type="GET",e.global=!1)}),x.ajaxTransport("script",function(e){if(e.crossDomain){var n,r=a.head||x("head")[0]||a.documentElement;return{send:function(t,i){n=a.createElement("script"),n.async=!0,e.scriptCharset&&(n.charset=e.scriptCharset),n.src=e.url,n.onload=n.onreadystatechange=function(e,t){(t||!n.readyState||/loaded|complete/.test(n.readyState))&&(n.onload=n.onreadystatechange=null,n.parentNode&&n.parentNode.removeChild(n),n=null,t||i(200,"success"))},r.insertBefore(n,r.firstChild)},abort:function(){n&&n.onload(t,!0)}}}});var Fn=[],Bn=/(=)\?(?=&|$)|\?\?/;x.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Fn.pop()||x.expando+"_"+vn++;return this[e]=!0,e}}),x.ajaxPrefilter("json jsonp",function(n,r,i){var o,a,s,l=n.jsonp!==!1&&(Bn.test(n.url)?"url":"string"==typeof n.data&&!(n.contentType||"").indexOf("application/x-www-form-urlencoded")&&Bn.test(n.data)&&"data");return l||"jsonp"===n.dataTypes[0]?(o=n.jsonpCallback=x.isFunction(n.jsonpCallback)?n.jsonpCallback():n.jsonpCallback,l?n[l]=n[l].replace(Bn,"$1"+o):n.jsonp!==!1&&(n.url+=(bn.test(n.url)?"&":"?")+n.jsonp+"="+o),n.converters["script json"]=function(){return s||x.error(o+" was not called"),s[0]},n.dataTypes[0]="json",a=e[o],e[o]=function(){s=arguments},i.always(function(){e[o]=a,n[o]&&(n.jsonpCallback=r.jsonpCallback,Fn.push(o)),s&&x.isFunction(a)&&a(s[0]),s=a=t}),"script"):t});var Pn,Rn,Wn=0,$n=e.ActiveXObject&&function(){var e;for(e in Pn)Pn[e](t,!0)};function In(){try{return new e.XMLHttpRequest}catch(t){}}function zn(){try{return new e.ActiveXObject("Microsoft.XMLHTTP")}catch(t){}}x.ajaxSettings.xhr=e.ActiveXObject?function(){return!this.isLocal&&In()||zn()}:In,Rn=x.ajaxSettings.xhr(),x.support.cors=!!Rn&&"withCredentials"in Rn,Rn=x.support.ajax=!!Rn,Rn&&x.ajaxTransport(function(n){if(!n.crossDomain||x.support.cors){var r;return{send:function(i,o){var a,s,l=n.xhr();if(n.username?l.open(n.type,n.url,n.async,n.username,n.password):l.open(n.type,n.url,n.async),n.xhrFields)for(s in n.xhrFields)l[s]=n.xhrFields[s];n.mimeType&&l.overrideMimeType&&l.overrideMimeType(n.mimeType),n.crossDomain||i["X-Requested-With"]||(i["X-Requested-With"]="XMLHttpRequest");try{for(s in i)l.setRequestHeader(s,i[s])}catch(u){}l.send(n.hasContent&&n.data||null),r=function(e,i){var s,u,c,p;try{if(r&&(i||4===l.readyState))if(r=t,a&&(l.onreadystatechange=x.noop,$n&&delete Pn[a]),i)4!==l.readyState&&l.abort();else{p={},s=l.status,u=l.getAllResponseHeaders(),"string"==typeof l.responseText&&(p.text=l.responseText);try{c=l.statusText}catch(f){c=""}s||!n.isLocal||n.crossDomain?1223===s&&(s=204):s=p.text?200:404}}catch(d){i||o(-1,d)}p&&o(s,c,p,u)},n.async?4===l.readyState?setTimeout(r):(a=++Wn,$n&&(Pn||(Pn={},x(e).unload($n)),Pn[a]=r),l.onreadystatechange=r):r()},abort:function(){r&&r(t,!0)}}}});var Xn,Un,Vn=/^(?:toggle|show|hide)$/,Yn=RegExp("^(?:([+-])=|)("+w+")([a-z%]*)$","i"),Jn=/queueHooks$/,Gn=[nr],Qn={"*":[function(e,t){var n=this.createTween(e,t),r=n.cur(),i=Yn.exec(t),o=i&&i[3]||(x.cssNumber[e]?"":"px"),a=(x.cssNumber[e]||"px"!==o&&+r)&&Yn.exec(x.css(n.elem,e)),s=1,l=20;if(a&&a[3]!==o){o=o||a[3],i=i||[],a=+r||1;do s=s||".5",a/=s,x.style(n.elem,e,a+o);while(s!==(s=n.cur()/r)&&1!==s&&--l)}return i&&(a=n.start=+a||+r||0,n.unit=o,n.end=i[1]?a+(i[1]+1)*i[2]:+i[2]),n}]};function Kn(){return setTimeout(function(){Xn=t}),Xn=x.now()}function Zn(e,t,n){var r,i=(Qn[t]||[]).concat(Qn["*"]),o=0,a=i.length;for(;a>o;o++)if(r=i[o].call(n,t,e))return r}function er(e,t,n){var r,i,o=0,a=Gn.length,s=x.Deferred().always(function(){delete l.elem}),l=function(){if(i)return!1;var t=Xn||Kn(),n=Math.max(0,u.startTime+u.duration-t),r=n/u.duration||0,o=1-r,a=0,l=u.tweens.length;for(;l>a;a++)u.tweens[a].run(o);return s.notifyWith(e,[u,o,n]),1>o&&l?n:(s.resolveWith(e,[u]),!1)},u=s.promise({elem:e,props:x.extend({},t),opts:x.extend(!0,{specialEasing:{}},n),originalProperties:t,originalOptions:n,startTime:Xn||Kn(),duration:n.duration,tweens:[],createTween:function(t,n){var r=x.Tween(e,u.opts,t,n,u.opts.specialEasing[t]||u.opts.easing);return u.tweens.push(r),r},stop:function(t){var n=0,r=t?u.tweens.length:0;if(i)return this;for(i=!0;r>n;n++)u.tweens[n].run(1);return t?s.resolveWith(e,[u,t]):s.rejectWith(e,[u,t]),this}}),c=u.props;for(tr(c,u.opts.specialEasing);a>o;o++)if(r=Gn[o].call(u,e,c,u.opts))return r;return x.map(c,Zn,u),x.isFunction(u.opts.start)&&u.opts.start.call(e,u),x.fx.timer(x.extend(l,{elem:e,anim:u,queue:u.opts.queue})),u.progress(u.opts.progress).done(u.opts.done,u.opts.complete).fail(u.opts.fail).always(u.opts.always)}function tr(e,t){var n,r,i,o,a;for(n in e)if(r=x.camelCase(n),i=t[r],o=e[n],x.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),a=x.cssHooks[r],a&&"expand"in a){o=a.expand(o),delete e[r];for(n in o)n in e||(e[n]=o[n],t[n]=i)}else t[r]=i}x.Animation=x.extend(er,{tweener:function(e,t){x.isFunction(e)?(t=e,e=["*"]):e=e.split(" ");var n,r=0,i=e.length;for(;i>r;r++)n=e[r],Qn[n]=Qn[n]||[],Qn[n].unshift(t)},prefilter:function(e,t){t?Gn.unshift(e):Gn.push(e)}});function nr(e,t,n){var r,i,o,a,s,l,u=this,c={},p=e.style,f=e.nodeType&&nn(e),d=x._data(e,"fxshow");n.queue||(s=x._queueHooks(e,"fx"),null==s.unqueued&&(s.unqueued=0,l=s.empty.fire,s.empty.fire=function(){s.unqueued||l()}),s.unqueued++,u.always(function(){u.always(function(){s.unqueued--,x.queue(e,"fx").length||s.empty.fire()})})),1===e.nodeType&&("height"in t||"width"in t)&&(n.overflow=[p.overflow,p.overflowX,p.overflowY],"inline"===x.css(e,"display")&&"none"===x.css(e,"float")&&(x.support.inlineBlockNeedsLayout&&"inline"!==ln(e.nodeName)?p.zoom=1:p.display="inline-block")),n.overflow&&(p.overflow="hidden",x.support.shrinkWrapBlocks||u.always(function(){p.overflow=n.overflow[0],p.overflowX=n.overflow[1],p.overflowY=n.overflow[2]}));for(r in t)if(i=t[r],Vn.exec(i)){if(delete t[r],o=o||"toggle"===i,i===(f?"hide":"show"))continue;c[r]=d&&d[r]||x.style(e,r)}if(!x.isEmptyObject(c)){d?"hidden"in d&&(f=d.hidden):d=x._data(e,"fxshow",{}),o&&(d.hidden=!f),f?x(e).show():u.done(function(){x(e).hide()}),u.done(function(){var t;x._removeData(e,"fxshow");for(t in c)x.style(e,t,c[t])});for(r in c)a=Zn(f?d[r]:0,r,u),r in d||(d[r]=a.start,f&&(a.end=a.start,a.start="width"===r||"height"===r?1:0))}}function rr(e,t,n,r,i){return new rr.prototype.init(e,t,n,r,i)}x.Tween=rr,rr.prototype={constructor:rr,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||"swing",this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(x.cssNumber[n]?"":"px")},cur:function(){var e=rr.propHooks[this.prop];return e&&e.get?e.get(this):rr.propHooks._default.get(this)},run:function(e){var t,n=rr.propHooks[this.prop];return this.pos=t=this.options.duration?x.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):rr.propHooks._default.set(this),this}},rr.prototype.init.prototype=rr.prototype,rr.propHooks={_default:{get:function(e){var t;return null==e.elem[e.prop]||e.elem.style&&null!=e.elem.style[e.prop]?(t=x.css(e.elem,e.prop,""),t&&"auto"!==t?t:0):e.elem[e.prop]},set:function(e){x.fx.step[e.prop]?x.fx.step[e.prop](e):e.elem.style&&(null!=e.elem.style[x.cssProps[e.prop]]||x.cssHooks[e.prop])?x.style(e.elem,e.prop,e.now+e.unit):e.elem[e.prop]=e.now}}},rr.propHooks.scrollTop=rr.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},x.each(["toggle","show","hide"],function(e,t){var n=x.fn[t];x.fn[t]=function(e,r,i){return null==e||"boolean"==typeof e?n.apply(this,arguments):this.animate(ir(t,!0),e,r,i)}}),x.fn.extend({fadeTo:function(e,t,n,r){return this.filter(nn).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(e,t,n,r){var i=x.isEmptyObject(e),o=x.speed(t,n,r),a=function(){var t=er(this,x.extend({},e),o);(i||x._data(this,"finish"))&&t.stop(!0)};return a.finish=a,i||o.queue===!1?this.each(a):this.queue(o.queue,a)},stop:function(e,n,r){var i=function(e){var t=e.stop;delete e.stop,t(r)};return"string"!=typeof e&&(r=n,n=e,e=t),n&&e!==!1&&this.queue(e||"fx",[]),this.each(function(){var t=!0,n=null!=e&&e+"queueHooks",o=x.timers,a=x._data(this);if(n)a[n]&&a[n].stop&&i(a[n]);else for(n in a)a[n]&&a[n].stop&&Jn.test(n)&&i(a[n]);for(n=o.length;n--;)o[n].elem!==this||null!=e&&o[n].queue!==e||(o[n].anim.stop(r),t=!1,o.splice(n,1));(t||!r)&&x.dequeue(this,e)})},finish:function(e){return e!==!1&&(e=e||"fx"),this.each(function(){var t,n=x._data(this),r=n[e+"queue"],i=n[e+"queueHooks"],o=x.timers,a=r?r.length:0;for(n.finish=!0,x.queue(this,e,[]),i&&i.stop&&i.stop.call(this,!0),t=o.length;t--;)o[t].elem===this&&o[t].queue===e&&(o[t].anim.stop(!0),o.splice(t,1));for(t=0;a>t;t++)r[t]&&r[t].finish&&r[t].finish.call(this);delete n.finish})}});function ir(e,t){var n,r={height:e},i=0;for(t=t?1:0;4>i;i+=2-t)n=Zt[i],r["margin"+n]=r["padding"+n]=e;return t&&(r.opacity=r.width=e),r}x.each({slideDown:ir("show"),slideUp:ir("hide"),slideToggle:ir("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,t){x.fn[e]=function(e,n,r){return this.animate(t,e,n,r)}}),x.speed=function(e,t,n){var r=e&&"object"==typeof e?x.extend({},e):{complete:n||!n&&t||x.isFunction(e)&&e,duration:e,easing:n&&t||t&&!x.isFunction(t)&&t};return r.duration=x.fx.off?0:"number"==typeof r.duration?r.duration:r.duration in x.fx.speeds?x.fx.speeds[r.duration]:x.fx.speeds._default,(null==r.queue||r.queue===!0)&&(r.queue="fx"),r.old=r.complete,r.complete=function(){x.isFunction(r.old)&&r.old.call(this),r.queue&&x.dequeue(this,r.queue)},r},x.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2}},x.timers=[],x.fx=rr.prototype.init,x.fx.tick=function(){var e,n=x.timers,r=0;for(Xn=x.now();n.length>r;r++)e=n[r],e()||n[r]!==e||n.splice(r--,1);n.length||x.fx.stop(),Xn=t},x.fx.timer=function(e){e()&&x.timers.push(e)&&x.fx.start()},x.fx.interval=13,x.fx.start=function(){Un||(Un=setInterval(x.fx.tick,x.fx.interval))},x.fx.stop=function(){clearInterval(Un),Un=null},x.fx.speeds={slow:600,fast:200,_default:400},x.fx.step={},x.expr&&x.expr.filters&&(x.expr.filters.animated=function(e){return x.grep(x.timers,function(t){return e===t.elem}).length}),x.fn.offset=function(e){if(arguments.length)return e===t?this:this.each(function(t){x.offset.setOffset(this,e,t)});var n,r,o={top:0,left:0},a=this[0],s=a&&a.ownerDocument;if(s)return n=s.documentElement,x.contains(n,a)?(typeof a.getBoundingClientRect!==i&&(o=a.getBoundingClientRect()),r=or(s),{top:o.top+(r.pageYOffset||n.scrollTop)-(n.clientTop||0),left:o.left+(r.pageXOffset||n.scrollLeft)-(n.clientLeft||0)}):o},x.offset={setOffset:function(e,t,n){var r=x.css(e,"position");"static"===r&&(e.style.position="relative");var i=x(e),o=i.offset(),a=x.css(e,"top"),s=x.css(e,"left"),l=("absolute"===r||"fixed"===r)&&x.inArray("auto",[a,s])>-1,u={},c={},p,f;l?(c=i.position(),p=c.top,f=c.left):(p=parseFloat(a)||0,f=parseFloat(s)||0),x.isFunction(t)&&(t=t.call(e,n,o)),null!=t.top&&(u.top=t.top-o.top+p),null!=t.left&&(u.left=t.left-o.left+f),"using"in t?t.using.call(e,u):i.css(u)}},x.fn.extend({position:function(){if(this[0]){var e,t,n={top:0,left:0},r=this[0];return"fixed"===x.css(r,"position")?t=r.getBoundingClientRect():(e=this.offsetParent(),t=this.offset(),x.nodeName(e[0],"html")||(n=e.offset()),n.top+=x.css(e[0],"borderTopWidth",!0),n.left+=x.css(e[0],"borderLeftWidth",!0)),{top:t.top-n.top-x.css(r,"marginTop",!0),left:t.left-n.left-x.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent||s;while(e&&!x.nodeName(e,"html")&&"static"===x.css(e,"position"))e=e.offsetParent;return e||s})}}),x.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(e,n){var r=/Y/.test(n);x.fn[e]=function(i){return x.access(this,function(e,i,o){var a=or(e);return o===t?a?n in a?a[n]:a.document.documentElement[i]:e[i]:(a?a.scrollTo(r?x(a).scrollLeft():o,r?o:x(a).scrollTop()):e[i]=o,t)},e,i,arguments.length,null)}});function or(e){return x.isWindow(e)?e:9===e.nodeType?e.defaultView||e.parentWindow:!1}x.each({Height:"height",Width:"width"},function(e,n){x.each({padding:"inner"+e,content:n,"":"outer"+e},function(r,i){x.fn[i]=function(i,o){var a=arguments.length&&(r||"boolean"!=typeof i),s=r||(i===!0||o===!0?"margin":"border");return x.access(this,function(n,r,i){var o;return x.isWindow(n)?n.document.documentElement["client"+e]:9===n.nodeType?(o=n.documentElement,Math.max(n.body["scroll"+e],o["scroll"+e],n.body["offset"+e],o["offset"+e],o["client"+e])):i===t?x.css(n,r,s):x.style(n,r,i,s)},n,a?i:t,a,null)}})}),x.fn.size=function(){return this.length},x.fn.andSelf=x.fn.addBack,"object"==typeof module&&module&&"object"==typeof module.exports?module.exports=x:(e.jQuery=e.$=x,"function"==typeof define&&define.amd&&define("jquery",[],function(){return x}))})(window);
+// Deck Core and extensions
+/*!
+Deck JS - deck.core
+Copyright (c) 2011 Caleb Troughton
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+The deck.core module provides all the basic functionality for creating and
+moving through a deck.  It does so by applying classes to indicate the state of
+the deck and its slides, allowing CSS to take care of the visual representation
+of each state.  It also provides methods for navigating the deck and inspecting
+its state, as well as basic key bindings for going to the next and previous
+slides.  More functionality is provided by wholly separate extension modules
+that use the API provided by core.
+*/
+(function($, deck, document, undefined) {
+	var slides, // Array of all the uh, slides...
+	current, // Array index of the current slide
+	$container, // Keeping this cached
+
+	events = {
+		/*
+		This event fires whenever the current slide changes, whether by way of
+		next, prev, or go. The callback function is passed two parameters, from
+		and to, equal to the indices of the old slide and the new slide
+		respectively. If preventDefault is called on the event within this handler
+		the slide change does not occur.
+
+		$(document).bind('deck.change', function(event, from, to) {
+		   alert('Moving from slide ' + from + ' to ' + to);
+		});
+		*/
+		change: 'deck.change',
+
+		/*
+		This event fires at the beginning of deck initialization, after the options
+		are set but before the slides array is created.  This event makes a good hook
+		for preprocessing extensions looking to modify the deck.
+		*/
+		beforeInitialize: 'deck.beforeInit',
+
+		/*
+		This event fires at the end of deck initialization. Extensions should
+		implement any code that relies on user extensible options (key bindings,
+		element selectors, classes) within a handler for this event. Native
+		events associated with Deck JS should be scoped under a .deck event
+		namespace, as with the example below:
+
+		var $d = $(document);
+		$.deck.defaults.keys.myExtensionKeycode = 70; // 'h'
+		$d.bind('deck.init', function() {
+		   $d.bind('keydown.deck', function(event) {
+		      if (event.which === $.deck.getOptions().keys.myExtensionKeycode) {
+		         // Rock out
+		      }
+		   });
+		});
+		*/
+		initialize: 'deck.init'
+	},
+
+	options = {},
+	$d = $(document),
+
+	/*
+	Internal function. Updates slide and container classes based on which
+	slide is the current slide.
+	*/
+	updateStates = function() {
+		var oc = options.classes,
+		osc = options.selectors.container,
+		old = $container.data('onSlide'),
+		$all = $();
+
+		// Container state
+		$container.removeClass(oc.onPrefix + old)
+			.addClass(oc.onPrefix + current)
+			.data('onSlide', current);
+
+		// Remove and re-add child-current classes for nesting
+		$('.' + oc.current).parentsUntil(osc).removeClass(oc.childCurrent);
+		slides[current].parentsUntil(osc).addClass(oc.childCurrent);
+
+		// Remove previous states
+		$.each(slides, function(i, el) {
+			$all = $all.add(el);
+		});
+		$all.removeClass([
+			oc.before,
+			oc.previous,
+			oc.current,
+			oc.next,
+			oc.after
+		].join(" "));
+
+		// Add new states back in
+		slides[current].addClass(oc.current);
+		if (current > 0) {
+			slides[current-1].addClass(oc.previous);
+		}
+		if (current + 1 < slides.length) {
+			slides[current+1].addClass(oc.next);
+		}
+		if (current > 1) {
+			$.each(slides.slice(0, current - 1), function(i, el) {
+				el.addClass(oc.before);
+			});
+		}
+		if (current + 2 < slides.length) {
+			$.each(slides.slice(current+2), function(i, el) {
+				el.addClass(oc.after);
+			});
+		}
+	},
+
+	/* Methods exposed in the jQuery.deck namespace */
+	methods = {
+
+		/*
+		jQuery.deck(selector, options)
+
+		selector: string | jQuery | array
+		options: object, optional
+
+		Initializes the deck, using each element matched by selector as a slide.
+		May also be passed an array of string selectors or jQuery objects, in
+		which case each selector in the array is considered a slide. The second
+		parameter is an optional options object which will extend the default
+		values.
+
+		$.deck('.slide');
+
+		or
+
+		$.deck([
+		   '#first-slide',
+		   '#second-slide',
+		   '#etc'
+		]);
+		*/
+		init: function(elements, opts) {
+			var startTouch,
+			tolerance,
+			esp = function(e) {
+				e.stopPropagation();
+			};
+
+			options = $.extend(true, {}, $[deck].defaults, opts);
+			slides = [];
+			current = 0;
+			$container = $(options.selectors.container);
+			tolerance = options.touch.swipeTolerance;
+
+			// Pre init event for preprocessing hooks
+			$d.trigger(events.beforeInitialize);
+
+			// Hide the deck while states are being applied to kill transitions
+			$container.addClass(options.classes.loading);
+
+			// Fill slides array depending on parameter type
+			if ($.isArray(elements)) {
+				$.each(elements, function(i, e) {
+					slides.push($(e));
+				});
+			}
+			else {
+				$(elements).each(function(i, e) {
+					slides.push($(e));
+				});
+			}
+
+			/* Remove any previous bindings, and rebind key events */
+			$d.unbind('keydown.deck').bind('keydown.deck', function(e) {
+				if (e.which === options.keys.next || $.inArray(e.which, options.keys.next) > -1) {
+					methods.next();
+					e.preventDefault();
+				}
+				else if (e.which === options.keys.previous || $.inArray(e.which, options.keys.previous) > -1) {
+					methods.prev();
+					e.preventDefault();
+				}
+			})
+			/* Stop propagation of key events within editable elements */
+			.undelegate('input, textarea, select, button, meter, progress, [contentEditable]', 'keydown', esp)
+			.delegate('input, textarea, select, button, meter, progress, [contentEditable]', 'keydown', esp);
+
+			/* Bind touch events for swiping between slides on touch devices */
+			$container.unbind('touchstart.deck').bind('touchstart.deck', function(e) {
+				if (!startTouch) {
+					startTouch = $.extend({}, e.originalEvent.targetTouches[0]);
+				}
+			})
+			.unbind('touchmove.deck').bind('touchmove.deck', function(e) {
+				$.each(e.originalEvent.changedTouches, function(i, t) {
+					if (startTouch && t.identifier === startTouch.identifier) {
+						if (t.screenX - startTouch.screenX > tolerance || t.screenY - startTouch.screenY > tolerance) {
+							$[deck]('prev');
+							startTouch = undefined;
+						}
+						else if (t.screenX - startTouch.screenX < -1 * tolerance || t.screenY - startTouch.screenY < -1 * tolerance) {
+							$[deck]('next');
+							startTouch = undefined;
+						}
+						return false;
+					}
+				});
+				e.preventDefault();
+			})
+			.unbind('touchend.deck').bind('touchend.deck', function(t) {
+				$.each(t.originalEvent.changedTouches, function(i, t) {
+					if (startTouch && t.identifier === startTouch.identifier) {
+						startTouch = undefined;
+					}
+				});
+			})
+			.scrollLeft(0).scrollTop(0);
+
+			/*
+			Kick iframe videos, which dont like to redraw w/ transforms.
+			Remove this if Webkit ever fixes it.
+			 */
+			$.each(slides, function(i, $el) {
+				$el.unbind('webkitTransitionEnd.deck').bind('webkitTransitionEnd.deck',
+				function(event) {
+					if ($el.hasClass($[deck]('getOptions').classes.current)) {
+						var embeds = $(this).find('iframe').css('opacity', 0);
+						window.setTimeout(function() {
+							embeds.css('opacity', 1);
+						}, 100);
+					}
+				});
+			});
+
+			if (slides.length) {
+				updateStates();
+			}
+
+			// Show deck again now that slides are in place
+			$container.removeClass(options.classes.loading);
+			$d.trigger(events.initialize);
+		},
+
+		/*
+		jQuery.deck('go', index)
+
+		index: integer | string
+
+		Moves to the slide at the specified index if index is a number. Index is
+		0-based, so $.deck('go', 0); will move to the first slide. If index is a
+		string this will move to the slide with the specified id. If index is out
+		of bounds or doesn't match a slide id the call is ignored.
+		*/
+		go: function(index) {
+			var e = $.Event(events.change),
+			ndx;
+
+			/* Number index, easy. */
+			if (typeof index === 'number' && index >= 0 && index < slides.length) {
+				ndx = index;
+			}
+			/* Id string index, search for it and set integer index */
+			else if (typeof index === 'string') {
+				$.each(slides, function(i, $slide) {
+					if ($slide.attr('id') === index) {
+						ndx = i;
+						return false;
+					}
+				});
+			};
+
+			/* Out of bounds, id doesn't exist, illegal input, eject */
+			if (typeof ndx === 'undefined') return;
+
+			$d.trigger(e, [current, ndx]);
+			if (e.isDefaultPrevented()) {
+				/* Trigger the event again and undo the damage done by extensions. */
+				$d.trigger(events.change, [ndx, current]);
+			}
+			else {
+				current = ndx;
+				updateStates();
+			}
+		},
+
+		/*
+		jQuery.deck('next')
+
+		Moves to the next slide. If the last slide is already active, the call
+		is ignored.
+		*/
+		next: function() {
+			methods.go(current+1);
+		},
+
+		/*
+		jQuery.deck('prev')
+
+		Moves to the previous slide. If the first slide is already active, the
+		call is ignored.
+		*/
+		prev: function() {
+			methods.go(current-1);
+		},
+
+		/*
+		jQuery.deck('getSlide', index)
+
+		index: integer, optional
+
+		Returns a jQuery object containing the slide at index. If index is not
+		specified, the current slide is returned.
+		*/
+		getSlide: function(index) {
+			var i = typeof index !== 'undefined' ? index : current;
+			if (typeof i != 'number' || i < 0 || i >= slides.length) return null;
+			return slides[i];
+		},
+
+		/*
+		jQuery.deck('getSlides')
+
+		Returns all slides as an array of jQuery objects.
+		*/
+		getSlides: function() {
+			return slides;
+		},
+
+		/*
+		jQuery.deck('getContainer')
+
+		Returns a jQuery object containing the deck container as defined by the
+		container option.
+		*/
+		getContainer: function() {
+			return $container;
+		},
+
+		/*
+		jQuery.deck('getOptions')
+
+		Returns the options object for the deck, including any overrides that
+		were defined at initialization.
+		*/
+		getOptions: function() {
+			return options;
+		},
+
+		/*
+		jQuery.deck('extend', name, method)
+
+		name: string
+		method: function
+
+		Adds method to the deck namespace with the key of name. This doesn’t
+		give access to any private member data — public methods must still be
+		used within method — but lets extension authors piggyback on the deck
+		namespace rather than pollute jQuery.
+
+		$.deck('extend', 'alert', function(msg) {
+		   alert(msg);
+		});
+
+		// Alerts 'boom'
+		$.deck('alert', 'boom');
+		*/
+		extend: function(name, method) {
+			methods[name] = method;
+		}
+	};
+
+	/* jQuery extension */
+	$[deck] = function(method, arg) {
+		if (methods[method]) {
+			return methods[method].apply(this, Array.prototype.slice.call(arguments, 1));
+		}
+		else {
+			return methods.init(method, arg);
+		}
+	};
+
+	/*
+	The default settings object for a deck. All deck extensions should extend
+	this object to add defaults for any of their options.
+
+	options.classes.after
+		This class is added to all slides that appear after the 'next' slide.
+
+	options.classes.before
+		This class is added to all slides that appear before the 'previous'
+		slide.
+
+	options.classes.childCurrent
+		This class is added to all elements in the DOM tree between the
+		'current' slide and the deck container. For standard slides, this is
+		mostly seen and used for nested slides.
+
+	options.classes.current
+		This class is added to the current slide.
+
+	options.classes.loading
+		This class is applied to the deck container during loading phases and is
+		primarily used as a way to short circuit transitions between states
+		where such transitions are distracting or unwanted.  For example, this
+		class is applied during deck initialization and then removed to prevent
+		all the slides from appearing stacked and transitioning into place
+		on load.
+
+	options.classes.next
+		This class is added to the slide immediately following the 'current'
+		slide.
+
+	options.classes.onPrefix
+		This prefix, concatenated with the current slide index, is added to the
+		deck container as you change slides.
+
+	options.classes.previous
+		This class is added to the slide immediately preceding the 'current'
+		slide.
+
+	options.selectors.container
+		Elements matched by this CSS selector will be considered the deck
+		container. The deck container is used to scope certain states of the
+		deck, as with the onPrefix option, or with extensions such as deck.goto
+		and deck.menu.
+
+	options.keys.next
+		The numeric keycode used to go to the next slide.
+
+	options.keys.previous
+		The numeric keycode used to go to the previous slide.
+
+	options.touch.swipeTolerance
+		The number of pixels the users finger must travel to produce a swipe
+		gesture.
+	*/
+	$[deck].defaults = {
+		classes: {
+			after: 'deck-after',
+			before: 'deck-before',
+			childCurrent: 'deck-child-current',
+			current: 'deck-current',
+			loading: 'deck-loading',
+			next: 'deck-next',
+			onPrefix: 'on-slide-',
+			previous: 'deck-previous'
+		},
+
+		selectors: {
+			container: '.deck-container'
+		},
+
+		keys: {
+			// enter, space, page down, right arrow, down arrow,
+			next: [13, 32, 34, 39, 40],
+			// backspace, page up, left arrow, up arrow
+			previous: [8, 33, 37, 38]
+		},
+
+		touch: {
+			swipeTolerance: 60
+		}
+	};
+
+	$d.ready(function() {
+		$('html').addClass('ready');
+	});
+
+	/*
+	FF + Transforms + Flash video don't get along...
+	Firefox will reload and start playing certain videos after a
+	transform.  Blanking the src when a previously shown slide goes out
+	of view prevents this.
+	*/
+	$d.bind('deck.change', function(e, from, to) {
+		var oldFrames = $[deck]('getSlide', from).find('iframe'),
+		newFrames = $[deck]('getSlide', to).find('iframe');
+
+		oldFrames.each(function() {
+	    	var $this = $(this),
+	    	curSrc = $this.attr('src');
+
+            if(curSrc) {
+            	$this.data('deck-src', curSrc).attr('src', '');
+            }
+		});
+
+		newFrames.each(function() {
+			var $this = $(this),
+			originalSrc = $this.data('deck-src');
+
+			if (originalSrc) {
+				$this.attr('src', originalSrc);
+			}
+		});
+	});
+})(jQuery, 'deck', document);
+/*!
+Deck JS - deck.menu
+Copyright (c) 2011 Caleb Troughton
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module adds the methods and key binding to show and hide a menu of all
+slides in the deck. The deck menu state is indicated by the presence of a class
+on the deck container.
+*/
+(function($, deck, undefined) {
+	var $d = $(document),
+	rootSlides; // Array of top level slides
+
+	/*
+	Extends defaults/options.
+
+	options.classes.menu
+		This class is added to the deck container when showing the slide menu.
+
+	options.keys.menu
+		The numeric keycode used to toggle between showing and hiding the slide
+		menu.
+
+	options.touch.doubletapWindow
+		Two consecutive touch events within this number of milliseconds will
+		be considered a double tap, and will toggle the menu on touch devices.
+	*/
+	$.extend(true, $[deck].defaults, {
+		classes: {
+			menu: 'deck-menu'
+		},
+
+		keys: {
+			menu: 77 // m
+		},
+
+		touch: {
+			doubletapWindow: 400
+		}
+	});
+
+	/*
+	jQuery.deck('showMenu')
+
+	Shows the slide menu by adding the class specified by the menu class option
+	to the deck container.
+	*/
+	$[deck]('extend', 'showMenu', function() {
+		var $c = $[deck]('getContainer'),
+		opts = $[deck]('getOptions');
+
+		if ($c.hasClass(opts.classes.menu)) return;
+
+		// Hide through loading class to short-circuit transitions (perf)
+		$c.addClass([opts.classes.loading, opts.classes.menu].join(' '));
+
+		/* Forced to do this in JS until CSS learns second-grade math. Save old
+		style value for restoration when menu is hidden. */
+		if (Modernizr.csstransforms) {
+			$.each(rootSlides, function(i, $slide) {
+				$slide.data('oldStyle', $slide.attr('style'));
+				$slide.css({
+					'position': 'absolute',
+					'left': ((i % 4) * 25) + '%',
+					'top': (Math.floor(i / 4) * 25) + '%'
+				});
+			});
+		}
+
+		// Need to ensure the loading class renders first, then remove
+		window.setTimeout(function() {
+			$c.removeClass(opts.classes.loading)
+				.scrollTop($[deck]('getSlide').offset().top);
+		}, 0);
+	});
+
+	/*
+	jQuery.deck('hideMenu')
+
+	Hides the slide menu by removing the class specified by the menu class
+	option from the deck container.
+	*/
+	$[deck]('extend', 'hideMenu', function() {
+		var $c = $[deck]('getContainer'),
+		opts = $[deck]('getOptions');
+
+		if (!$c.hasClass(opts.classes.menu)) return;
+
+		$c.removeClass(opts.classes.menu);
+		$c.addClass(opts.classes.loading);
+
+		/* Restore old style value */
+		if (Modernizr.csstransforms) {
+			$.each(rootSlides, function(i, $slide) {
+				var oldStyle = $slide.data('oldStyle');
+
+				$slide.attr('style', oldStyle ? oldStyle : '');
+			});
+		}
+
+		window.setTimeout(function() {
+			$c.removeClass(opts.classes.loading).scrollTop(0);
+		}, 0);
+	});
+
+	/*
+	jQuery.deck('toggleMenu')
+
+	Toggles between showing and hiding the slide menu.
+	*/
+	$[deck]('extend', 'toggleMenu', function() {
+		$[deck]('getContainer').hasClass($[deck]('getOptions').classes.menu) ?
+		$[deck]('hideMenu') : $[deck]('showMenu');
+	});
+
+	$d.bind('deck.init', function() {
+		var opts = $[deck]('getOptions'),
+		touchEndTime = 0,
+		currentSlide,
+		slideTest = $.map([
+			opts.classes.before,
+			opts.classes.previous,
+			opts.classes.current,
+			opts.classes.next,
+			opts.classes.after
+		], function(el, i) {
+			return '.' + el;
+		}).join(', ');
+
+		// Build top level slides array
+		rootSlides = [];
+		$.each($[deck]('getSlides'), function(i, $el) {
+			if (!$el.parentsUntil(opts.selectors.container, slideTest).length) {
+				rootSlides.push($el);
+			}
+		});
+
+		// Bind key events
+		$d.unbind('keydown.deckmenu').bind('keydown.deckmenu', function(e) {
+			if (e.which === opts.keys.menu || $.inArray(e.which, opts.keys.menu) > -1) {
+				$[deck]('toggleMenu');
+				e.preventDefault();
+			}
+		});
+
+		// Double tap to toggle slide menu for touch devices
+		$[deck]('getContainer').unbind('touchstart.deckmenu').bind('touchstart.deckmenu', function(e) {
+			currentSlide = $[deck]('getSlide');
+		})
+		.unbind('touchend.deckmenu').bind('touchend.deckmenu', function(e) {
+			var now = Date.now();
+
+			// Ignore this touch event if it caused a nav change (swipe)
+			if (currentSlide !== $[deck]('getSlide')) return;
+
+			if (now - touchEndTime < opts.touch.doubletapWindow) {
+				$[deck]('toggleMenu');
+				e.preventDefault();
+			}
+			touchEndTime = now;
+		});
+
+		// Selecting slides from the menu
+		$.each($[deck]('getSlides'), function(i, $s) {
+			$s.unbind('click.deckmenu').bind('click.deckmenu', function(e) {
+				if (!$[deck]('getContainer').hasClass(opts.classes.menu)) return;
+
+				$[deck]('go', i);
+				$[deck]('hideMenu');
+				e.stopPropagation();
+				e.preventDefault();
+			});
+		});
+	})
+	.bind('deck.change', function(e, from, to) {
+		var container = $[deck]('getContainer');
+
+		if (container.hasClass($[deck]('getOptions').classes.menu)) {
+			container.scrollTop($[deck]('getSlide', to).offset().top);
+		}
+	});
+})(jQuery, 'deck');
+
+/*!
+Deck JS - deck.goto
+Copyright (c) 2011 Caleb Troughton
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module adds the necessary methods and key bindings to show and hide a form
+for jumping to any slide number/id in the deck (and processes that form
+accordingly). The form-showing state is indicated by the presence of a class on
+the deck container.
+*/
+(function($, deck, undefined) {
+	var $d = $(document);
+
+	/*
+	Extends defaults/options.
+
+	options.classes.goto
+		This class is added to the deck container when showing the Go To Slide
+		form.
+
+	options.selectors.gotoDatalist
+		The element that matches this selector is the datalist element that will
+		be populated with options for each of the slide ids.  In browsers that
+		support the datalist element, this provides a drop list of slide ids to
+		aid the user in selecting a slide.
+
+	options.selectors.gotoForm
+		The element that matches this selector is the form that is submitted
+		when a user hits enter after typing a slide number/id in the gotoInput
+		element.
+
+	options.selectors.gotoInput
+		The element that matches this selector is the text input field for
+		entering a slide number/id in the Go To Slide form.
+
+	options.keys.goto
+		The numeric keycode used to show the Go To Slide form.
+
+	options.countNested
+		If false, only top level slides will be counted when entering a
+		slide number.
+	*/
+	$.extend(true, $[deck].defaults, {
+		classes: {
+			goto: 'deck-goto'
+		},
+
+		selectors: {
+			gotoDatalist: '#goto-datalist',
+			gotoForm: '.goto-form',
+			gotoInput: '#goto-slide'
+		},
+
+		keys: {
+			goto: 71 // g
+		},
+
+		countNested: true
+	});
+
+	/*
+	jQuery.deck('showGoTo')
+
+	Shows the Go To Slide form by adding the class specified by the goto class
+	option to the deck container.
+	*/
+	$[deck]('extend', 'showGoTo', function() {
+		$[deck]('getContainer').addClass($[deck]('getOptions').classes.goto);
+		$($[deck]('getOptions').selectors.gotoInput).focus();
+	});
+
+	/*
+	jQuery.deck('hideGoTo')
+
+	Hides the Go To Slide form by removing the class specified by the goto class
+	option from the deck container.
+	*/
+	$[deck]('extend', 'hideGoTo', function() {
+		$($[deck]('getOptions').selectors.gotoInput).blur();
+		$[deck]('getContainer').removeClass($[deck]('getOptions').classes.goto);
+	});
+
+	/*
+	jQuery.deck('toggleGoTo')
+
+	Toggles between showing and hiding the Go To Slide form.
+	*/
+	$[deck]('extend', 'toggleGoTo', function() {
+		$[deck]($[deck]('getContainer').hasClass($[deck]('getOptions').classes.goto) ? 'hideGoTo' : 'showGoTo');
+	});
+
+	$d.bind('deck.init', function() {
+		var opts = $[deck]('getOptions'),
+		$datalist = $(opts.selectors.gotoDatalist),
+		slideTest = $.map([
+			opts.classes.before,
+			opts.classes.previous,
+			opts.classes.current,
+			opts.classes.next,
+			opts.classes.after
+		], function(el, i) {
+			return '.' + el;
+		}).join(', '),
+		rootCounter = 1;
+
+		// Bind key events
+		$d.unbind('keydown.deckgoto').bind('keydown.deckgoto', function(e) {
+			var key = $[deck]('getOptions').keys.goto;
+
+			if (e.which === key || $.inArray(e.which, key) > -1) {
+				e.preventDefault();
+				$[deck]('toggleGoTo');
+			}
+		});
+
+		/* Populate datalist and work out countNested*/
+		$.each($[deck]('getSlides'), function(i, $slide) {
+			var id = $slide.attr('id'),
+			$parentSlides = $slide.parentsUntil(opts.selectors.container, slideTest);
+
+			if (id) {
+				$datalist.append('<option value="' + id + '">');
+			}
+
+			if ($parentSlides.length) {
+				$slide.removeData('rootIndex');
+			}
+			else if (!opts.countNested) {
+				$slide.data('rootIndex', rootCounter);
+				++rootCounter;
+			}
+		});
+
+		// Process form submittal, go to the slide entered
+		$(opts.selectors.gotoForm)
+		.unbind('submit.deckgoto')
+		.bind('submit.deckgoto', function(e) {
+			var $field = $($[deck]('getOptions').selectors.gotoInput),
+			ndx = parseInt($field.val(), 10);
+
+			if (!$[deck]('getOptions').countNested) {
+			  if (ndx >= rootCounter) return false;
+				$.each($[deck]('getSlides'), function(i, $slide) {
+					if ($slide.data('rootIndex') === ndx) {
+						ndx = i + 1;
+						return false;
+					}
+				});
+			}
+
+			$[deck]('go', isNaN(ndx) ? $field.val() : ndx - 1);
+			$[deck]('hideGoTo');
+			$field.val('');
+
+			e.preventDefault();
+		});
+
+		// Dont let keys in the input trigger deck actions
+		$(opts.selectors.gotoInput)
+		.unbind('keydown.deckgoto')
+		.bind('keydown.deckgoto', function(e) {
+			e.stopPropagation();
+		});
+	});
+})(jQuery, 'deck');
+
+/*!
+Deck JS - deck.status
+Copyright (c) 2011 Caleb Troughton
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module adds a (current)/(total) style status indicator to the deck.
+*/
+(function($, deck, undefined) {
+	var $d = $(document),
+
+	updateCurrent = function(e, from, to) {
+		var opts = $[deck]('getOptions');
+
+		$(opts.selectors.statusCurrent).text(opts.countNested ?
+			to + 1 :
+			$[deck]('getSlide', to).data('rootSlide')
+		);
+	};
+
+	/*
+	Extends defaults/options.
+
+	options.selectors.statusCurrent
+		The element matching this selector displays the current slide number.
+
+	options.selectors.statusTotal
+		The element matching this selector displays the total number of slides.
+
+	options.countNested
+		If false, only top level slides will be counted in the current and
+		total numbers.
+	*/
+	$.extend(true, $[deck].defaults, {
+		selectors: {
+			statusCurrent: '.deck-status-current',
+			statusTotal: '.deck-status-total'
+		},
+
+		countNested: true
+	});
+
+	$d.bind('deck.init', function() {
+		var opts = $[deck]('getOptions'),
+		slides = $[deck]('getSlides'),
+		$current = $[deck]('getSlide'),
+		ndx;
+
+		// Set total slides once
+		if (opts.countNested) {
+			$(opts.selectors.statusTotal).text(slides.length);
+		}
+		else {
+			/* Determine root slides by checking each slide's ancestor tree for
+			any of the slide classes. */
+			var rootIndex = 1,
+			slideTest = $.map([
+				opts.classes.before,
+				opts.classes.previous,
+				opts.classes.current,
+				opts.classes.next,
+				opts.classes.after
+			], function(el, i) {
+				return '.' + el;
+			}).join(', ');
+
+			/* Store the 'real' root slide number for use during slide changes. */
+			$.each(slides, function(i, $el) {
+				var $parentSlides = $el.parentsUntil(opts.selectors.container, slideTest);
+
+				$el.data('rootSlide', $parentSlides.length ?
+					$parentSlides.last().data('rootSlide') :
+					rootIndex++
+				);
+			});
+
+			$(opts.selectors.statusTotal).text(rootIndex - 1);
+		}
+
+		// Find where we started in the deck and set initial state
+		$.each(slides, function(i, $el) {
+			if ($el === $current) {
+				ndx = i;
+				return false;
+			}
+		});
+		updateCurrent(null, ndx, ndx);
+	})
+	/* Update current slide number with each change event */
+	.bind('deck.change', updateCurrent);
+})(jQuery, 'deck');
+
+/*!
+Deck JS - deck.navigation
+Copyright (c) 2011 Caleb Troughton
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module adds clickable previous and next links to the deck.
+*/
+(function($, deck, undefined) {
+	var $d = $(document),
+
+	/* Updates link hrefs, and disabled states if last/first slide */
+	updateButtons = function(e, from, to) {
+		var opts = $[deck]('getOptions'),
+		last = $[deck]('getSlides').length - 1,
+		prevSlide = $[deck]('getSlide', to - 1),
+		nextSlide = $[deck]('getSlide', to + 1),
+		hrefBase = window.location.href.replace(/#.*/, ''),
+		prevId = prevSlide ? prevSlide.attr('id') : undefined,
+		nextId = nextSlide ? nextSlide.attr('id') : undefined;
+
+		$(opts.selectors.previousLink)
+			.toggleClass(opts.classes.navDisabled, !to)
+			.attr('href', hrefBase + '#' + (prevId ? prevId : ''));
+		$(opts.selectors.nextLink)
+			.toggleClass(opts.classes.navDisabled, to === last)
+			.attr('href', hrefBase + '#' + (nextId ? nextId : ''));
+	};
+
+	/*
+	Extends defaults/options.
+
+	options.classes.navDisabled
+		This class is added to a navigation link when that action is disabled.
+		It is added to the previous link when on the first slide, and to the
+		next link when on the last slide.
+
+	options.selectors.nextLink
+		The elements that match this selector will move the deck to the next
+		slide when clicked.
+
+	options.selectors.previousLink
+		The elements that match this selector will move to deck to the previous
+		slide when clicked.
+	*/
+	$.extend(true, $[deck].defaults, {
+		classes: {
+			navDisabled: 'deck-nav-disabled'
+		},
+
+		selectors: {
+			nextLink: '.deck-next-link',
+			previousLink: '.deck-prev-link'
+		}
+	});
+
+	$d.bind('deck.init', function() {
+		var opts = $[deck]('getOptions'),
+		slides = $[deck]('getSlides'),
+		$current = $[deck]('getSlide'),
+		ndx;
+
+		// Setup prev/next link events
+		$(opts.selectors.previousLink)
+		.unbind('click.decknavigation')
+		.bind('click.decknavigation', function(e) {
+			$[deck]('prev');
+			e.preventDefault();
+		});
+
+		$(opts.selectors.nextLink)
+		.unbind('click.decknavigation')
+		.bind('click.decknavigation', function(e) {
+			$[deck]('next');
+			e.preventDefault();
+		});
+
+		// Find where we started in the deck and set initial states
+		$.each(slides, function(i, $slide) {
+			if ($slide === $current) {
+				ndx = i;
+				return false;
+			}
+		});
+		updateButtons(null, ndx, ndx);
+	})
+	.bind('deck.change', updateButtons);
+})(jQuery, 'deck');
+
+/*
+Deck JS - deck.toc
+Copyright (c) 2011 Remi BARRAQUAND
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module provides a support for TOC to the deck.
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    var $toc;
+    /*
+	Extends defaults/options.
+
+        options.classes.toc
+		This class is added to the deck container when showing the slide
+                toc.
+
+	options.keys.toc
+		The numeric keycode used to toggle between showing and hiding
+                the slide toc.
+
+	options.selectors.toc
+		The element matching this selector displays the toc.
+
+	options.selectors.tocTitle
+		The element matching this selector displays the current title
+                of the slide i.e the current h1.
+
+        options.selectors.tocSection
+		The element matching this selector displays the current section
+                of the slide i.e the current h2.
+
+        options.selectors.tocSubSection
+		The element matching this selector displays the current
+                subsection of the slide i.e the current h3.
+
+        options.selectors.tocSubSubSection
+		The element matching this selector displays the current
+                subsubsection of the slide i.e the current h4.
+	*/
+    $.extend(true, $[deck].defaults, {
+        classes: {
+            toc: 'deck-toc-frame'
+        },
+
+        keys: {
+            toc: 84, // t
+			sn: 83 //s
+        },
+
+        selectors: {
+            toc: '.deck-toc',
+            tocTitle: '.deck-toc-h1',
+            tocSection: '.deck-toc-h2',
+            tocSubSection: '.deck-toc-h3',
+            tocSubSubSection: '.deck-toc-h4',
+            tocStatus: '.deck-toc-status'
+        }
+    });
+
+    /*
+	jQuery.deck('showToc')
+
+	Shows the slide toc by adding the class specified by the toc class option
+	to the deck container.
+	*/
+    $[deck]('extend', 'showToc', function() {
+        $[deck]('getContainer').addClass($[deck]('getOptions').classes.toc);
+    });
+
+    /*
+	jQuery.deck('hideToc')
+
+	Hides the slide toc by removing the class specified by the toc class
+	option from the deck container.
+	*/
+    $[deck]('extend', 'hideToc', function() {
+        $[deck]('getContainer').removeClass($[deck]('getOptions').classes.toc);
+    });
+
+    /*
+	jQuery.deck('toggleToc')
+
+	Toggles between showing and hiding the TOC.
+	*/
+    $[deck]('extend', 'toggleToc', function() {
+        $[deck]('getContainer').hasClass($[deck]('getOptions').classes.toc) ?
+        $[deck]('hideToc') : $[deck]('showToc');
+    });
+    /*
+	jQuery.deck('toggleSideNotes')
+
+	Toggles between showing and hiding the side notes.
+	*/
+    $[deck]('extend', 'toggleSideNotes', function() {
+		$(".sidebarblock").toggle();
+    });
+
+    /*
+        jQuery.deck('Init')
+        */
+    $d.bind('deck.init', function() {
+        var opts = $[deck]('getOptions');
+        var container = $[deck]('getContainer');
+
+        /* Bind key events */
+        $d.unbind('keydown.decktoc').bind('keydown.decktoc', function(e) {
+            if(e.metaKey) // don't trap CTRL-t/CMD-t
+                return true;
+            if (e.which === opts.keys.toc || $.inArray(e.which, opts.keys.toc) > -1) {
+                    $[deck]('toggleToc');
+                    e.preventDefault();
+            }else if(e.which === opts.keys.sn || $.inArray(e.which, opts.keys.sn) > -1) {
+            	    $[deck]('toggleSideNotes');
+				    e.preventDefault();
+            }
+        });
+
+        /* Hide TOC panel when user click on container */
+        container.click(function(e){
+            $[deck]('hideToc');
+        });
+
+        /* Init TOC and append it to the document */
+        $toc = new TOC();
+        $($[deck]('getOptions').selectors.toc).append($toc.root);
+
+        /* Go through all slides */
+        $.each($[deck]('getSlides'), function(i, $el) {
+            var slide = $[deck]('getSlide',i);
+            //var tocElementFound = false;
+
+            /* If there is a toc item, push it in the TOC */
+            for(var level=1; level<3; level++) {
+                if( slide.children("h"+level).length > 0) {
+                    var tocTitle = "";
+                    var $tocElement = slide.children("h"+level+":first");
+                    if( $tocElement.attr("title") != undefined && $tocElement.attr("title") != "") {
+                        tocTitle = $tocElement.attr("title");
+                    } else {
+                        tocTitle = $tocElement.text();
+                    }
+                    // actually level isn't based on h1, h2, h3, etc yet. Look at parent slide to see if slide0 or slide1
+                    if(slide.hasClass('slide1')){
+                        level = level + 1
+                        }
+                    $toc.push(level, tocTitle, slide);
+                    $toc.tag(slide);
+                    //tocElementFound = true;
+                }
+            }
+
+            /* Tag the slide with the current TOC level */
+            $toc.tag(slide);
+        });
+    })
+    /* Update current slide number with each change event */
+    .bind('deck.change', function(e, from, to) {
+        var opts = $[deck]('getOptions');
+        var slideTo = $[deck]('getSlide', to);
+        var container = $[deck]('getContainer');
+
+        if (container.hasClass($[deck]('getOptions').classes.toc)) {
+            container.scrollTop(slideTo.offset().top);
+        }
+
+        /* update toc status */
+        if( slideTo.data("toc") ) {
+            // reset
+            $(opts.selectors.tocTitle).text("");
+            $(opts.selectors.tocSection).text("");
+            $(opts.selectors.tocSubSection).text("");
+            $(opts.selectors.tocSubSubSection).text("");
+
+            if( slideTo.hasClass('hide-toc-status') ) {
+                $(opts.selectors.tocStatus).hide();
+            } else {
+                $(opts.selectors.tocStatus).show();
+                // update according to the current context
+                var $context = $toc.context(slideTo.data('toc'))
+                for(var level=1; level<=$context.length; level++) {
+                    switch(level) {
+                        case 1:
+                            $(opts.selectors.tocTitle).text($context[level-1]);
+                            break;
+                        case 2:
+                            $(opts.selectors.tocSection).text($context[level-1]);
+                            break;
+                        case 3:
+                            $(opts.selectors.tocSubSection).text($context[level-1]);
+                            break;
+                        case 4:
+                            $(opts.selectors.tocSubSubSection).text($context[level-1]);
+                            break;
+                    }
+                }
+            }
+        }
+    });
+
+    /*
+        Simple TOC manager (must be improved)
+        */
+    var TOC = function() {
+
+        this.root = $("<ul/>", {"class":"toc"});
+
+
+        /**
+         * Tranform a path listing [0,0,1]
+         * into a title like "1.2".
+         *
+         * indexes go from 0 to 1 based counting and the
+         * first one doesn't count.
+         */
+        var list_to_listing = function(a){
+         var title = [];
+         for(var i=1;i<a.length;i++)  {
+            title.push(a[i] + 1);
+         }
+         return title.join(".");
+        }
+
+        /*
+            Push new item in the TOC
+
+            depth is the level (e.g. 1 for h1, 2 for h2, etc.)
+            title is the toc-item title
+            slide is the slide that provides the toc-element
+            */
+        this.push = function(depth,title,slide) {
+            inc(depth);
+            /* Create toc element */
+            var $tocElm = $("<li />", {
+                id: "toc-"+($c.join('-'))
+            }).data({ // keep track of the slide in case...
+                slide: slide,
+                title: title
+            }).append($("<a />", { // create an hyperlink
+                href: "#"+$(slide).attr('id'),
+                html: "<span>" + list_to_listing($c) + "</span> " + title
+            })).append($("<ul />"));
+
+            /* insert it at the right place */
+            var $target = this.root;
+            if( depth > 1) {
+                $target = ($target.find("li#toc-"+($c.slice(0,$c.length-1).join('-')))).children("ul");
+            }
+            $tocElm.appendTo($target);
+        };
+
+        /*
+            Tag the slide with the current TOC level.
+
+            slide is the slide to tag
+            */
+        this.tag = function(slide) {
+            slide.data({
+                toc: $c.slice(0)
+            });
+        }
+
+        /*
+            Get the current TOC context
+
+            path is the current path in the TOC
+            */
+        this.context = function(path) {
+            $context = new Array();
+            var $target = this.root;
+            for(var depth=0; depth<path.length; depth++) {
+                var tocElm = $target.find("li#toc-"+(path.slice(0,depth+1).join('-')))
+                $context.push(tocElm.data('title'));
+                $target = (tocElm).children("ul");
+            }
+
+            return $context;
+        }
+
+        /* cursor */
+        var $c = [-1];
+        function inc(depth) {
+            var current_depth = $c.length;
+            if(depth>current_depth) {
+                for(i=current_depth;i<depth;i++) {
+                    $c.push(0);
+                }
+            } else if( current_depth>depth) {
+                for(i=depth;i<current_depth;i++) {
+                    $c.pop();
+                    $c[depth-1]++
+                }
+            } else {
+                $c[depth-1]++
+            }
+        }
+    }
+
+})(jQuery, 'deck');
+/*!
+Deck JS - deck.split
+Copyright (c) 2012 Qingping Hou <dave2008713@gmail.com>
+                   about.houqp.me
+Dual licensed under the MIT license and GPL license.
+https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
+https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
+*/
+
+/*
+This module splits a long slide into multiple slides.
+*/
+(function($, deck, undefined) {
+	var $d = $(document);
+
+	createEmptySlide = function(title_el) {
+		slide = $(document.createElement('section'));
+		slide.addClass('slide').append(title_el.clone());
+		return slide;
+	};
+
+	$d.bind('deck.beforeInit', function() {
+		$(".slide").each( function(i, slide) {
+			/* each slide */
+			var is_split = false,
+			prev_slide = $(slide),
+			/* extract title which will be added to each new slides */
+			title_el = prev_slide.children('h2'),
+			tmp_slide = createEmptySlide(title_el);
+
+			$(slide).children().each(function() {
+				/* for each element inside original slide */
+				var el = $(this);
+
+				if (el.css('page-break-after') == 'always') {
+					if (is_split) {
+						tmp_slide.insertAfter(prev_slide);
+						prev_slide = tmp_slide;
+						tmp_slide = createEmptySlide(title_el);
+					}
+					else {
+						/* find the first page break */
+						is_split = true;
+					}
+				}
+				else {
+					if (is_split) {
+						tmp_slide.append(el);
+					}
+				}
+			})
+			/* add remaining elements to a new slides */
+			if (is_split) {
+				tmp_slide.insertAfter(prev_slide);
+			}
+		});
+	})
+})(jQuery, 'deck');
+
+/*!
+
+Copyright (c) 2012 Simeon Franklin
+MIT license
+*/
+
+/*
+This module provides a popup menu listing the shortcut key.
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    $.deck.defaults.keys.helpKeycode = 72; // 'h'
+    $d.bind('deck.init', function() {
+       var help_text = $("<div id='help-text' style='display:none;'><dl>" +
+                     "<dt>&rarr; or space</dt><dd>Advance to the next slide</dd>" +
+                     "<dt>t</dt><dd>Open Table of Contents</dd>" +
+                     "<dt>g</dt><dd>Navigate to # slide.</dd>" +
+                     "<dt>h</dt><dd>Show/Hide this help content</dd>" +
+                     "<dt>m</dt><dd>Preview Slides</dd>" +
+                     "<dt>s</dt><dd>Show/Hide sidebar</dd>" +
+                     "</dl></div>");
+       $("body").prepend(help_text);
+       var $help_text = $("#help-text");
+       $d.bind('keydown.help', function(event) {
+          var opts = $['deck']('getOptions');
+          if (event.which === opts.keys.helpKeycode) {
+              $help_text.toggle();
+          }
+          else{
+              $help_text.hide();
+          }
+       });
+    });
+})(jQuery, 'deck');
+/*!
+
+Copyright (c) 2012 Simeon Franklin
+MIT license
+*/
+
+/*
+This module provides a breadcrumb menu listing the parent
+slides. Requires extra classes put on slides (slide0), subslides
+(slide1), subsubslides (slide2).
+
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    $d.bind('deck.init', function() {
+       var bread = $("<div id='breadcrumb'></div>");
+       $("body").prepend(bread);
+       var $bread = $("#breadcrumb");
+       var opts = $[deck]('getOptions');
+       var updateCurrent = function(evt, from, to){
+           var $slide = $[deck]('getSlide', to);
+           // only three levels supported
+           if($slide.hasClass('slide2')){
+               var $slide1 = $slide.prevAll('.slide1').eq(0);
+               var $slide0 = $slide.prevAll('.slide0').eq(0);
+               $bread.html("<h2><a href='#" + $slide0.attr('id') + "'>" + $.trim($slide0.find('h2:first').text()) +
+                           "</a> &rsaquo;&rsaquo; <a href='#" + $slide1.attr('id') + " '>" +
+                           $.trim($slide1.find('h2:first').text()) + "</a></h2>");
+
+           }else if($slide.hasClass('slide1')){
+               var $slide0 = $slide.prevAll('.slide0').eq(0);
+               $bread.html("<h2><a href='#" + $slide0.attr('id') + "'>" +
+                           $.trim($slide0.find('h2:first').text()) + "</a></h2>");
+           }else{
+               $bread.html("");
+           }
+       };
+       $d.bind('deck.change', updateCurrent);
+    })
+})(jQuery, 'deck');
+/*
+
+  This module makes sure that switching to a new slide always scrolls
+  to the top.
+
+  It also checks body/slide height - for tall slides set overflow to scroll,
+  for short slides hide scrollbars
+
+  Currently in deck.js presentations with long slides, switching from
+  one slide scrolled down the page to the next slide doesn't change
+  the position of the scroll bar.
+
+
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    $d.bind('deck.init', function() {
+       var scrollup = function(evt, from, to){
+           $(document).scrollTop(0);
+       };
+       var $body = $('body');
+       var $html = $('html');
+       var height_check = function(evt, from, to){
+           if(to > 0){
+               var slide = $('#slide-' + to);
+           }else{
+               var slide = $('#title-slide');
+           }
+           if(slide.height() > $body.height()){
+               $html.css({'overflow': 'auto', 'overflow-x':'hidden'});
+           }else{
+               $html.css('overflow', 'hidden');
+           }
+       }
+       $d.bind('deck.change', scrollup);
+       $d.bind('deck.change', height_check);
+    })
+})(jQuery, 'deck');
+/*!
+
+Copyright (c) 2012 Simeon Franklin
+MIT license
+*/
+
+/*
+
+  Enables anchor targets to sections:
+
+  <a href="#Some_Section">Some Section</a>
+
+
+
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    $d.bind('deck.init', function() {
+        var $links = $('a[href^="#"]').not('a[href^="#slide-"]').not('a[href="#title-slide"]');
+        var $h2s = $("h2");
+        $h2s.each(function(){
+                $(this).attr('id', $.trim($(this).text()).replace(" ", "_"));
+            });
+        $links.click(function(e){
+                var title = $(this).attr('href').replace(" ", "_");
+                var page = $(title).parents('section').attr('id');
+                $.deck('go', page);
+                e.preventDefault();
+            });
+        });
+})(jQuery, 'deck');
+/*!
+
+Copyright (c) 2012 Simeon Franklin
+MIT license
+*/
+
+/*
+
+If there's a span.slidetheme in an h2 then add the .slidetheme to the
+enclosing section
+
+*/
+
+(function($, deck, undefined) {
+    var $d = $(document);
+    $d.bind('deck.init', function() {
+        $("h2 span").each(function(){
+            var cls = $(this).attr('class');
+            $(this).parents("section").addClass(cls);
+        });
+        // copy alt to title for all img tags
+        $("img").each(function(){
+            var $this = $(this);
+            $this.attr('title', $this.attr('alt'));
+        });
+        // any img-slide need to have first img scaled to window
+        $("section.image-slide").each(function(){
+            var $img = $(this).find('img:first');
+            $(this).css('background-image', 'url("' + $img.prop('src') + '")');
+            $img.hide();
+        });
+
+    })
+})(jQuery, 'deck');
+
+/*]]>*/
+</script>
+
+</head>
+<body class="deck-container">
+<section class="slide" id="title-slide">
+        <h1>Secure Application Storage</h1>
+</section>
+<!--preamble: Added this to open the first, empty slide section-->
+<section class="preamble">
+<p>Objective: By the end of this module, you will be able<br>
+protect data saved on the file system and understand what to persist.</p>
+<p></p>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Review Questions</h2>
+<ol>
+<li>
+<p>
+Name three of the primary APIs for persisting data in Android.
+</p>
+</li>
+<li>
+<p>
+Why is it a bad idea hard-code secret keys in your application code?
+</p>
+</li>
+<li>
+<p>
+What is the preferred method of generating a unique ID for your application user?
+</p>
+</li>
+<li>
+<p>
+what is the one type of persisted data that cannot be (directly) encrypted?
+</p>
+</li>
+<li>
+<p>
+What is the name of the package that provides encryption for SQLite?
+</p>
+</li>
+<li>
+<p>
+What is the primary advantage of the accounts framework?
+</p>
+</li>
+<li>
+<p>
+Is password-based encryption symmetric or asymmetric? What does that mean?
+</p>
+</li>
+<li>
+<p>
+What is the difference between the system KeyChain and the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+When is it safe to persist an encryption key in the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+How do we check if the device supports this?
+</p>
+</li>
+</ol>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Storage</h2>
+<ul>
+<li>
+Improper storage of data is a simple problem to resolve, if handled from the start
+</li>
+<li>
+Mobile devices are different than traditional computing systems
+<ul>
+<li>
+Physical device access is <strong>easy</strong> to achieve
+</li>
+<li>
+Once physical access is available, device can be rooted, flashed, etc.
+</li>
+</ul>
+</li>
+<li>
+You <em>must</em> assume that once data is <strong>stored</strong> on the device it is vulnerable!
+<ul>
+<li>
+For typical users, this is usually not a problem
+</li>
+<li>
+Malicious users are <strong>not</strong> typical users!
+<ul>
+<li>
+Once a device has been rooted, re-ROM&#8217;d, etc. the malicious user can read/write anywhere they want
+<p><em>The question to ask: what does my app really need to store?</em></p>
+</li>
+</ul>
+</li>
+</ul>
+</li>
+<li>
+The general rule of thumb: store only what you <em>absolutely require</em>
+<ul>
+<li>
+This can mean many things: tokens/keys to access APIs, user credentials, authentication tokens
+</li>
+<li>
+It boils down to propery managing sensitive data
+</li>
+</ul>
+</li>
+<li>
+If you must store sensitive data, have a plan to do so in a way with minimized risk
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Storage APIs</h2>
+<ul>
+<li>
+File access
+<ul>
+<li>
+<span class="monospaced">Context</span> provides a number of helper APIs
+<ul>
+<li>
+<span class="monospaced">Context.openFileInput()</span> opens a private file for reading
+</li>
+<li>
+<span class="monospaced">Context.openFileOutput()</span> opens a private file for writing
+</li>
+<li>
+Private files are tied to the app package, located in its private sandbox
+</li>
+<li>
+There are additional APIs for cache files
+</li>
+<li>
+"External storage" is also available, with a package private area
+</li>
+</ul>
+</li>
+<li>
+Standard Java <span class="monospaced">File</span> class and related APIs available
+<ul>
+<li>
+<span class="monospaced">Context</span> provides APIs to help get package private paths (<span class="monospaced">getDir()</span>, <span class="monospaced">getCacheDir()</span>, <span class="monospaced">getExternalCacheDir()</span>, <span class="monospaced">getExternalFilesDir()</span>, <span class="monospaced">getFilesDir()</span>)
+</li>
+<li>
+Apps should not assume any specific filesystem paths or mount points
+</li>
+</ul>
+</li>
+</ul>
+</li>
+<li>
+Opaque Binary Blobs (OBB)
+<ul>
+<li>
+App specific file container
+</li>
+<li>
+Can be encrypted
+</li>
+<li>
+App manages the download / mount of the containers
+</li>
+<li>
+Useful for large data sets (graphics, assets)
+</li>
+<li>
+Use <span class="monospaced">StorageManager</span> to mount then access
+</li>
+<li>
+Cannot <strong>create</strong> new OBBs on the device, just access existing ones
+</li>
+</ul>
+</li>
+<li>
+<span class="monospaced">SharedPreferences</span>
+<ul>
+<li>
+File backed storage of key-value pair data
+<ul>
+<li>
+Keys are <span class="monospaced">String</span> objects, values can be primitives, <span class="monospaced">String</span> or <span class="monospaced">Set&lt;String&gt;</span>
+</li>
+</ul>
+</li>
+<li>
+App controls what data is stored and meaning
+</li>
+<li>
+Default for the app is tied to the package name
+<ul>
+<li>
+Default name can be overridden
+</li>
+<li>
+Can use multiple <span class="monospaced">SharedPreferences</span> for the same app
+</li>
+</ul>
+</li>
+<li>
+Data is not encrypted, simple string based lookup
+</li>
+<li>
+Can be used by multiple threads (clients), modifications go through <span class="monospaced">SharedPreferences.Editor</span>
+</li>
+<li>
+Does not support multi-process access
+</li>
+</ul>
+</li>
+<li>
+SQLite Databases
+<ul>
+<li>
+SQLite databases can be used for app specific storage
+<ul>
+<li>
+Accessible to any component in your app, but (generally) not outside your app
+</li>
+<li>
+Backed by private file within the sandbox
+</li>
+</ul>
+</li>
+<li>
+Recommended use is via <span class="monospaced">SQLiteOpenHelper</span> class to help manage creation, updates
+<ul>
+<li>
+Use <span class="monospaced">SQLiteOpenHelper.getWriteableDatabase()</span> and <span class="monospaced">SQLiteOpenHelper.getReadableDatabase()</span> to get a <span class="monospaced">SQLiteDatabase</span> object to call <span class="monospaced">query()</span>, etc. against
+</li>
+<li>
+<span class="monospaced">query()</span> calls return <span class="monospaced">Cursor</span> objects which points to the rows found by the query
+</li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">User Authentication</h2>
+<ul>
+<li>
+User authentication is used for access to user specific data in the app
+</li>
+<li>
+Best Practices for storage depends on app and credentials
+<ul>
+<li>
+BP#1: Certificate/key based credentials
+<ul>
+<li>
+Leverage Android&#8217;s credential storage to securely track
+<ul>
+<li>
+See <a href="http://developer.android.com/reference/android/security/KeyChain.html" target="_blank"><span class="monospaced">KeyChain</span></a>
+and <a href="https://developer.android.com/training/articles/keystore.html" target="_blank"><span class="monospaced">AndroidKeyStore</span></a> provider
+with <a href="http://developer.android.com/reference/java/security/KeyStore.html" target="_blank"><span class="monospaced">KeyStore</span></a> (Android 4.3 and newer)
+</li>
+</ul>
+</li>
+<li>
+<em>DO NOT</em> assume filesystem sandbox is enough
+</li>
+<li>
+Still can be vulnerable to attacks if device compromised
+</li>
+</ul>
+</li>
+<li>
+BP#2: User account credentials
+<ul>
+<li>
+Users have numerous accounts for different service (Google, PayPal, Facebook, etc.)
+</li>
+<li>
+Leverage <a href="https://developer.android.com/reference/android/accounts/AccountManager.html" target="_blank"><span class="monospaced">AccountManager</span></a>
+for storage of accounts and accessing accounts
+<ul>
+<li>
+<span class="monospaced">AccountManager</span> uses plugabble architecture for authenticators
+</li>
+<li>
+Using an existing account, apps can request authentication token for use in requests
+</li>
+</ul>
+</li>
+<li>
+<em>DO NOT</em> assume filesystem sandbox is enough and store in cleartext
+</li>
+</ul>
+</li>
+<li>
+BP#3: Use WebView and Session Tokens
+<ul>
+<li>
+Present the user with web page for login
+</li>
+<li>
+<em>DO NOT</em> store the user credentials at all
+</li>
+<li>
+The web interface presents a redirect with session token on success (e.g. <a href="http://en.wikipedia.org/wiki/OAuth" target="_blank">OAuth 2.0</a>)
+</li>
+<li>
+Keep the session token for subsequent requests
+</li>
+<li>
+Session key can be stored, but carefully do so
+</li>
+<li>
+This relies on the <em>server</em> to properly handle credentials, expire and rotate tokens correctly
+</li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Session Identifiers</h2>
+<ul>
+<li>
+Many network services (Google, Facebook, Instagram, etc.) use session or token based identifiers for access
+</li>
+<li>
+These can be stored on the device, carefully
+<ul>
+<li>
+Be sure to store them in a way so an attacker cannot determine how it is used
+</li>
+</ul>
+</li>
+<li>
+Servers should have reasonable expiration times for session IDs
+<ul>
+<li>
+Some server implementations may issue new session IDs to replace old ones frequently
+</li>
+</ul>
+</li>
+<li>
+Android&#8217;s <span class="monospaced">AccountManager</span> can be leveraged with 3rd party authenticators to help with auth tokens or sessions
+<ul>
+<li>
+It is up <em>to the app</em> to notify the <span class="monospaced">AccountManager</span> if a token is no longer valid
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Hardcoded Tokens and Keys</h2>
+<ul>
+<li>
+Best practice is to <strong>not</strong> use hardcoded values in code
+<ul>
+<li>
+Java (including Dalvik DEX) can be disassembled <a href="http://dedexer.sourceforge.net/" target="_blank"><em>very easily</em></a>
+</li>
+<li>
+Reverse engineering can discover hardcoded values relatively easily
+</li>
+<li>
+This is <em>particularly bad for encryption of data</em>
+</li>
+<li>
+Best Practice: hash a random salt plus and password to create a key (with numerous iterations), store the salt and hash
+</li>
+</ul>
+</li>
+<li>
+Some cloud services require an app authentication token
+<ul>
+<li>
+You have no choice but to store or hard code
+</li>
+<li>
+Best practice: ensure the server only uses this to "authenticate" the app, not the user
+</li>
+<li>
+Best practice on the server: only allow a limited subset of functionality via the app (e.g. no account delete or other more volatile ops)
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Unique Identifiers</h2>
+<ul>
+<li>
+Use of unique IDs is common for apps to track users or installs
+<ul>
+<li>
+Typically used for analytics, ads, etc.
+</li>
+</ul>
+</li>
+<li>
+A common practice uses <span class="monospaced">TelephonyManager.getDeviceId()</span>
+<ul>
+<li>
+<em>DO NOT</em> do this!  There are better ways.
+</li>
+<li>
+It requires the permission <span class="monospaced">READ_PHONE_STATE</span> which can set up a red flag to users
+</li>
+<li>
+It is not reliable.  Some devices do not report unique IDs or change IDs after factory reset
+</li>
+</ul>
+</li>
+<li>
+Best Practice: for non-physical device tracking use
+<a href="https://developer.android.com/reference/java/util/UUID.html#randomUUID()" target="_blank"><span class="monospaced">UUID.randomUUID()</span></a>
+<ul>
+<li>
+If you must track physical devices, use
+<a href="https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID" target="_blank"><span class="monospaced">Settings.Secure.ANDROID_ID</span></a>
+<ul>
+<li>
+This is a 64 bit value created and stored when the device first boots.  It is wiped at factory reset.
+</li>
+<li>
+The downside to this is it is unreliable before Android 2.3 (Gingerbread) due to <span class="monospaced">SecureRandom</span>
+used to create <span class="monospaced">ANDROID_ID</span> being <a href="https://code.google.com/p/android/issues/detail?id=10639" target="_blank">seeded incorrectly</a>.
+</li>
+</ul>
+</li>
+</ul>
+</li>
+<li>
+See this <a href="http://android-developers.blogspot.com/2011/03/identifying-app-installations.html" target="_blank">Google Developer Blog</a> for more details
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Storing sensitive data</h2>
+<ul>
+<li>
+Sometimes, you just have to do it: save your app&#8217;s (or user&#8217;s) sensitive data
+</li>
+<li>
+As we have seen, there are multiple ways of storing data, so how do you protect it?
+</li>
+<li>
+It depends on the storage type
+</li>
+</ul>
+<table class="tableblock frame-topbot grid-all"
+style="
+width:75%;
+">
+<col style="width:25%;">
+<col style="width:25%;">
+<col style="width:25%;">
+<col style="width:25%;">
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top" > Storage Type      </th>
+<th class="tableblock halign-left valign-top" > Private to App? </th>
+<th class="tableblock halign-left valign-top" > Can be made public? </th>
+<th class="tableblock halign-left valign-top" > Encryptable?</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Files</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">OBB</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">SharedPreferences</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">SQLite database</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>**</sup></p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>+</sup></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">ContentProvider</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Can be</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
+</tr>
+</tbody>
+</table>
+<p><sup>*</sup> The default setting is to be private, this can be overridden</p>
+<p><sup>**</sup> Making the database public can be done via file permissions or by exposing via <span class="monospaced">ContentProvider</span></p>
+<p><sup>+</sup> SQLite databases can be encrypted using 3rd party libraries</p>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>File Usage</h2>
+<ul>
+<li>
+Regular file usage is simple, well understood and fairly robust
+</li>
+<li>
+<span class="monospaced">SharedPreferences</span> are backed by files, so the same concepts apply (except for encryption)
+</li>
+<li>
+<em>Inherently insecure at runtime or if device physically compromised</em>
+<ul>
+<li>
+Data is "raw" or in the clear
+</li>
+<li>
+App sandbox works for basic protection
+<ul>
+<li>
+Easy to override
+</li>
+</ul>
+</li>
+<li>
+External storage can present issues, if removable
+</li>
+</ul>
+</li>
+<li>
+For simple data (not critical if exposed), basic <span class="monospaced">File</span> access is ok
+</li>
+<li>
+Best Practice for sensitive data: use encryption (file only, not <span class="monospaced">SharedPreferences</span>) with user provided password
+<ul>
+<li>
+No "encrypt file" direct API available, but <span class="monospaced">javax.crypto</span> package can be used
+<ul>
+<li>
+Use a <a href="http://developer.android.com/reference/javax/crypto/Cipher.html" target="_blank"><span class="monospaced">Cipher</span></a> initilized for AES/CBC/PKCS5Padding,
+create an initialization vector (IV) using <a href="http://developer.android.com/reference/java/security/SecureRandom.html" target="_blank"><span class="monospaced">SecureRandom</span></a>,
+save the raw IV at the start of the file, then use
+<a href="http://developer.android.com/reference/javax/crypto/CipherOutputStream.html" target="_blank"><span class="monospaced">CipherOutputStream</span></a> to write
+the encrypted data to the file.  Use the password to <em>derive</em> a key (don&#8217;t store the password!) using PBKDF2.
+</li>
+<li>
+To ensure integrity of the crypted file, create a secure checksum with MAC or HMAC (i.e. SHA-1)
+</li>
+<li>
+Obviously, this is not simple, can be prone to error
+</li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>SQLite Databases</h2>
+<ul>
+<li>
+SQLite databases are used frequently in Android
+</li>
+<li>
+Each database is backed by a file
+</li>
+<li>
+<em>Inherently insecure at runtime or if device physically compromised</em>
+<ul>
+<li>
+App sandbox works for basic protection
+</li>
+<li>
+Easy to override
+</li>
+</ul>
+</li>
+<li>
+For simple data (i.e. no user details, password hashes, etc.) basic usage is ok
+</li>
+<li>
+Best Practice for permissions: don&#8217;t override sandbox settings
+</li>
+<li>
+Best Practice for location: don&#8217;t use external (removable) storage
+</li>
+<li>
+Best Practice for sensitive data: use encryption (SQLCipher)
+</li>
+</ul>
+<div class="sect3">
+<h4 id="_sqlcipher">SQLCipher</h4>
+<ul>
+<li>
+Crypto library for SQLite databases, made by <a href="http://sqlcipher.net" target="_blank">Zetetic LLC</a>
+</li>
+<li>
+Encrypts 100% of the database, with a small amount of performance overhead (claims 5-15% overhead)
+</li>
+<li>
+Utilizes industry standard crypto libraries from OpenSSL, utlizes 256-bit AES encryption
+<ul>
+<li>
+Encryption keys can be derived from a passphrase or using raw binary key data
+</li>
+<li>
+Key derivation is done using a 16 byte secure random salt (OpenSSL&#8217;s RAND_bytes)
+</li>
+<li>
+Each "page" in the database is encrypted separately
+</li>
+</ul>
+</li>
+<li>
+Multi-platform and language support: Android, Linux, Mac OSX, iOS, and Windows with C/C++, Java, .NET, Ruby, PHP, Python
+</li>
+<li>
+Has both an open source (Community Edition) and commercial licensed versions
+<ul>
+<li>
+Community Edition is available via BSD-style license
+</li>
+<li>
+Android Community Edition binaries are available free of charge at <a href="https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip" target="_blank">https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip</a>
+</li>
+</ul>
+</li>
+<li>
+Basic Android walk-thru instructions (assumes Eclipse/ADT, not Android Studio) available <a href="http://sqlcipher.net/sqlcipher-for-android/" target="_blank">here</a>
+<ul>
+<li>
+In code, the major change is the import and use of <span class="monospaced">net.sqlite.database.SQLiteDatabase</span> rather than <span class="monospaced">android.database.sqlite.SQLiteDatabase</span>
+<div class="listingblock">
+<div class="title">Sample SQLCipher Integration:</div>
+<div class="content"><div class="highlight"><pre><span></span><span class="kn">package</span> <span class="nn">com.example.android.sqlsecure</span><span class="o">;</span>
+
+<span class="kn">import</span> <span class="nn">net.sqlcipher.database.SQLiteDatabase</span><span class="o">;</span>
+<span class="err">…</span>
+
+<span class="kd">public</span> <span class="kd">class</span> <span class="nc">SecureDbActivity</span> <span class="kd">extends</span> <span class="n">Activity</span> <span class="o">{</span>
+    <span class="err">…</span>
+    <span class="kd">private</span> <span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span>  <span class="n">SECURE_DB_NAME</span> <span class="o">=</span> <span class="s">&quot;demo_secure.db&quot;</span><span class="o">;</span>
+
+    <span class="kd">private</span> <span class="n">File</span>            <span class="n">mDbFile</span><span class="o">;</span>
+    <span class="kd">private</span> <span class="n">SQLiteDatabase</span>  <span class="n">mDb</span><span class="o">;</span>
+    <span class="err">…</span>
+
+    <span class="nd">@Override</span>
+    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">onCreate</span><span class="o">(</span><span class="n">Bundle</span> <span class="n">savedInstanceState</span><span class="o">)</span> <span class="o">{</span>
+        <span class="kd">super</span><span class="o">.</span><span class="na">onCreate</span><span class="o">(</span><span class="n">savedInstanceState</span><span class="o">);</span>
+        <span class="n">setContentView</span><span class="o">(</span><span class="n">R</span><span class="o">.</span><span class="na">layout</span><span class="o">.</span><span class="na">secure_db_layout</span><span class="o">);</span>
+        <span class="err">…</span>
+
+        <span class="c1">// Init SQLCipher *before* we make any SQLite calls</span>
+        <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">loadLibs</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+        <span class="n">mDbFile</span> <span class="o">=</span> <span class="n">getDatabasePath</span><span class="o">(</span><span class="n">SECURE_DB_NAME</span><span class="o">);</span>
+        <span class="n">mDb</span> <span class="o">=</span> <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">openOrCreateDatabase</span><span class="o">(</span><span class="n">mDbFile</span><span class="o">,</span> <span class="s">&quot;myFakePw&quot;</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
+        <span class="err">…</span>
+    <span class="o">}</span>
+
+    <span class="err">…</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Remembering Users with Accounts</h2>
+<ul>
+<li>
+Given the potential dangers around applications leaking persisted data on the file system, one option for storing user credentials is the <a href="https://developer.android.com/reference/android/accounts/AccountManager.html" target="_blank">Accounts Framework</a>.
+</li>
+<li>
+Accounts allow the system to manage access to credentials and authorization tokens for web services.
+</li>
+<li>
+This presents two useful options to application developers:
+<ol>
+<li>
+<p>
+Use an existing account on the system (like the user&#8217;s Google account) rather than inventing your own.
+</p>
+</li>
+<li>
+<p>
+Add your own account authentication logic (via a custom <span class="monospaced">AccountAuthenticator</span>) to the framework to get the credentials storage out of the application space.
+</p>
+</li>
+</ol>
+</li>
+<li>
+The following is an example of how an application can use the <span class="monospaced">AccountManager</span> service to authenticate a user using their Google account:
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">The following method will work for accounts from any active service (e.g. Twitter, Facebook, Microsoft Exchange) that use the accounts framework. For Google accounts specifically, <a href="http://developer.android.com/google/auth/http-auth.html" target="_blank">Google Play Services</a> now provides a much simpler API.</td>
+</tr></table>
+</div>
+<ol>
+<li>
+<p>
+Accessing the accounts framework requires two permissions:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.GET_ACCOUNTS&quot;</span> <span class="nt">/&gt;</span>
+<span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.USE_CREDENTIALS&quot;</span> <span class="nt">/&gt;</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+You can ask the user to choose a Google account for authentication:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
+
+<span class="kd">private</span> <span class="kt">void</span> <span class="nf">pickUserAccount</span><span class="o">()</span> <span class="o">{</span>
+    <span class="n">String</span><span class="o">[]</span> <span class="n">accountTypes</span> <span class="o">=</span> <span class="k">new</span> <span class="n">String</span><span class="o">[]{</span><span class="s">&quot;com.google&quot;</span><span class="o">};</span>
+    <span class="n">Intent</span> <span class="n">intent</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">newChooseAccountIntent</span><span class="o">(</span>
+            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// Currently selected account</span>
+            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// List of allowed accounts</span>
+            <span class="n">accountTypes</span><span class="o">,</span>  <span class="c1">// Allowed account types</span>
+            <span class="kc">true</span><span class="o">,</span>          <span class="c1">// Show the picker UI</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">,</span>
+            <span class="kc">null</span><span class="o">);</span>
+    <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">intent</span><span class="o">,</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">);</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Determine the name of the account they chose, then find the <span class="monospaced">Account</span> object that matches the selected name from the <span class="monospaced">AccountManager</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="nd">@Override</span>
+<span class="kd">protected</span> <span class="kt">void</span> <span class="nf">onActivityResult</span><span class="o">(</span><span class="kt">int</span> <span class="n">requestCode</span><span class="o">,</span> <span class="kt">int</span> <span class="n">resultCode</span><span class="o">,</span>
+        <span class="n">Intent</span> <span class="n">data</span><span class="o">)</span> <span class="o">{</span>
+    <span class="k">if</span> <span class="o">(</span><span class="n">requestCode</span> <span class="o">==</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">)</span> <span class="o">{</span>
+        <span class="c1">// Receiving a result from the AccountPicker</span>
+        <span class="k">if</span> <span class="o">(</span><span class="n">resultCode</span> <span class="o">==</span> <span class="n">RESULT_OK</span><span class="o">)</span> <span class="o">{</span>
+            <span class="n">String</span> <span class="n">accountName</span> <span class="o">=</span>
+                    <span class="n">data</span><span class="o">.</span><span class="na">getStringExtra</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_ACCOUNT_NAME</span><span class="o">);</span>
+
+            <span class="c1">//Find the matching account for the selected name</span>
+            <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+            <span class="n">Account</span><span class="o">[]</span> <span class="n">accounts</span> <span class="o">=</span>
+                    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAccountsByType</span><span class="o">(</span><span class="s">&quot;com.google&quot;</span><span class="o">);</span>
+            <span class="k">for</span> <span class="o">(</span><span class="n">Account</span> <span class="n">account</span> <span class="o">:</span> <span class="n">accounts</span><span class="o">)</span> <span class="o">{</span>
+                <span class="k">if</span> <span class="o">(</span><span class="n">account</span><span class="o">.</span><span class="na">name</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">accountName</span><span class="o">))</span> <span class="o">{</span>
+                    <span class="c1">//Found a match, get an authentication token</span>
+                    <span class="n">getToken</span><span class="o">(</span><span class="n">account</span><span class="o">);</span>
+                    <span class="k">break</span><span class="o">;</span>
+                <span class="o">}</span>
+            <span class="o">}</span>
+        <span class="o">}</span>
+    <span class="o">}</span>
+    <span class="err">…</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Using <span class="monospaced">AccountManager.getAuthToken()</span>, we can ask the accounts framework to asynchronously authorize the user:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span> <span class="n">SCOPE</span> <span class="o">=</span>
+        <span class="s">&quot;oauth2:https://www.googleapis.com/auth/userinfo.profile&quot;</span><span class="o">;</span>
+<span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_AUTHORIZE</span> <span class="o">=</span> <span class="mi">1001</span><span class="o">;</span>
+
+<span class="kd">public</span> <span class="kt">void</span> <span class="nf">getToken</span><span class="o">(</span><span class="n">Account</span> <span class="n">selectedAccount</span><span class="o">)</span> <span class="o">{</span>
+    <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
+    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAuthToken</span><span class="o">(</span>
+            <span class="n">selectedAccount</span><span class="o">,</span>  <span class="c1">// Selected account</span>
+            <span class="n">SCOPE</span><span class="o">,</span>            <span class="c1">// Auth scope</span>
+            <span class="kc">null</span><span class="o">,</span>             <span class="c1">// Auth options</span>
+            <span class="k">this</span><span class="o">,</span>             <span class="c1">// Host activity for auth UI</span>
+            <span class="n">mCallback</span><span class="o">,</span>        <span class="c1">// Auth token callback</span>
+            <span class="kc">null</span><span class="o">);</span>
+<span class="o">}</span>
+
+<span class="c1">//Callback to handle auth token request results</span>
+<span class="kd">private</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">mCallback</span> <span class="o">=</span>
+        <span class="k">new</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;()</span> <span class="o">{</span>
+
+    <span class="nd">@Override</span>
+    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">run</span><span class="o">(</span><span class="n">AccountManagerFuture</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">result</span><span class="o">)</span> <span class="o">{</span>
+        <span class="n">Bundle</span> <span class="n">bundle</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="na">getResult</span><span class="o">();</span>
+
+        <span class="n">Intent</span> <span class="n">authIntent</span> <span class="o">=</span> <span class="o">(</span><span class="n">Intent</span><span class="o">)</span> <span class="n">bundle</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_INTENT</span><span class="o">);</span>
+        <span class="k">if</span> <span class="o">(</span><span class="n">authIntent</span> <span class="o">!=</span> <span class="kc">null</span><span class="o">)</span> <span class="o">{</span>
+            <span class="c1">//Additional user authentication required first</span>
+            <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">launch</span><span class="o">,</span> <span class="n">REQUEST_CODE_AUTHORIZE</span><span class="o">);</span>
+        <span class="o">}</span> <span class="k">else</span> <span class="o">{</span>
+            <span class="c1">//We are authenticated with the service</span>
+            <span class="n">String</span> <span class="n">token</span> <span class="o">=</span> <span class="n">bundle</span><span class="o">.</span><span class="na">getString</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_AUTHTOKEN</span><span class="o">);</span>
+
+            <span class="c1">//…Use this token to access web services…</span>
+        <span class="o">}</span>
+    <span class="o">}</span>
+<span class="o">};</span>
+</pre></div></div></div>
+<ul>
+<li>
+If the registered <span class="monospaced">AccountAuthenticator</span> needs the user to enter additional information, this will return an activity <span class="monospaced">Intent</span> you need to launch.
+</li>
+<li>
+Otherwise, the token will be returned in the callback <span class="monospaced">Bundle</span>.
+</li>
+</ul>
+</li>
+<li>
+<p>
+You can now use this token to access this service&#8217;s APIs, or your own.
+</p>
+</li>
+</ol>
+</li>
+</ul>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Encryption</h2>
+<ul>
+<li>
+Enhanced privacy and integrity of data (beyond the application sandbox) can be achieved using encryption
+</li>
+<li>
+On-device data encryption is usually done via Java Cryptography Extension (JCE)
+</li>
+<li>
+The <em>key</em> to secure on-device encryption is not storing the decryption keys on the file system
+<ul>
+<li>
+If the file system is compromised (e.g. rooted) the keys are just as easy to obtain as the data
+</li>
+</ul>
+</li>
+<li>
+The chosen method of encryption should rely on information that cannot be obtained by dumping <span class="monospaced">/data</span>
+</li>
+<li>
+The workhorse of encryption/decryption is the <a href="https://developer.android.com/reference/javax/crypto/Cipher.html" target="_blank"><span class="monospaced">Cipher</span></a>:
+<ul>
+<li>
+To encrypt to a byte array:
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+To decrypt the same byte array:
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// read encrypted buffer from somewhere</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ul>
+</li>
+<li>
+To avoid keeping large blocks of data in memory, there&#8217;s <span class="monospaced">CipherInputStream</span> and <span class="monospaced">CipherOutputStream</span>:
+<ul>
+<li>
+To encrypt to a file/stream:
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
+<span class="n">OutputStream</span> <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">FileOutputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
+<span class="k">try</span> <span class="o">{</span>
+    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+    <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherOutputStream</span><span class="o">(</span><span class="n">out</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">write</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">flush</span><span class="o">();</span>
+<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
+    <span class="n">out</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+<li>
+To decrypt the same file/stream:
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">InputStream</span> <span class="n">in</span> <span class="o">=</span>  <span class="k">new</span> <span class="n">FileInputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
+<span class="k">try</span> <span class="o">{</span>
+    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
+    <span class="n">in</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherInputStream</span><span class="o">(</span><span class="n">in</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
+    <span class="n">in</span><span class="o">.</span><span class="na">read</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span> <span class="c1">// do properly</span>
+<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
+    <span class="n">in</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
+<span class="o">}</span>
+</pre></div></div></div>
+</li>
+</ul>
+</li>
+</ul>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>Password Based Encryption</h2>
+<ul>
+<li>
+One secure method for encrypting data is to rely on a user-entered password to derive the encryption key.
+</li>
+<li>
+This type of encryption pairs well with the <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard" target="_blank">Advanced Encryption Standard</a> (AES) cipher algorithm.
+</li>
+<li>
+AES is a <em>symmetric-key algorithm</em>, meaning it uses the same key to encrypt/decrypt data.
+</li>
+<li>
+Advantage: Key is not stored anywhere an attacker can search without "shoulder surfing"
+</li>
+<li>
+Disadvantage: Requires asking user for passcode repeatedly, or caching in memory (reducing the security factor).
+</li>
+<li>
+We can use the following steps to derive a password-based key:
+<ol>
+<li>
+<p>
+Android only supports the "PBKDF2WithHmacSHA1" key derivation algorithm, which requires a random <em>salt</em> to apply to the password (to reduce brute-force capabilities).
+</p>
+</li>
+<li>
+<p>
+The Cipher Block Chaining (CBC) mode is well-supported for AES on Android, which also requires a random <em>initialization vector</em> for encryption.
+</p>
+</li>
+<li>
+<p>
+We can generate all the necessary bits with the help of <a href="https://developer.android.com/reference/java/security/SecureRandom.html" target="_blank"><span class="monospaced">SecureRandom</span></a>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
+
+<span class="c1">// Do *not* seed secureRandom! Automatically seeded from system entropy.</span>
+<span class="n">SecureRandom</span> <span class="n">random</span> <span class="o">=</span> <span class="k">new</span> <span class="n">SecureRandom</span><span class="o">();</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="mi">32</span><span class="o">];</span>
+<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">cipher</span><span class="o">.</span><span class="na">getBlockSize</span><span class="o">()];</span>
+<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">iv</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+The <em>salt</em> will be necessary to derive the <span class="monospaced">SecretKey</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">private</span> <span class="n">SecretKey</span> <span class="nf">generateSecretKey</span><span class="o">(</span><span class="kt">char</span><span class="o">[]</span> <span class="n">passphraseOrPin</span><span class="o">,</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span><span class="o">)</span>
+        <span class="kd">throws</span> <span class="n">NoSuchAlgorithmException</span><span class="o">,</span> <span class="n">InvalidKeySpecException</span> <span class="o">{</span>
+    <span class="c1">// Number of PBKDF2 hardening rounds to use. Larger values increase</span>
+    <span class="c1">// computation time. You should select a value that causes computation</span>
+    <span class="c1">// to take &gt;100ms.</span>
+    <span class="kd">final</span> <span class="kt">int</span> <span class="n">iterations</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
+
+    <span class="n">SecretKeyFactory</span> <span class="n">secretKeyFactory</span> <span class="o">=</span>
+            <span class="n">SecretKeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;PBKDF2WithHmacSHA1&quot;</span><span class="o">);</span>
+    <span class="n">KeySpec</span> <span class="n">keySpec</span> <span class="o">=</span>
+            <span class="k">new</span> <span class="n">PBEKeySpec</span><span class="o">(</span><span class="n">passphraseOrPin</span><span class="o">,</span> <span class="n">salt</span><span class="o">,</span> <span class="n">iterations</span><span class="o">,</span> <span class="n">KEY_LENGTH</span><span class="o">);</span>
+    <span class="kt">byte</span><span class="o">[]</span> <span class="n">keyBytes</span> <span class="o">=</span> <span class="n">secretKeyFactory</span><span class="o">.</span><span class="na">generateSecret</span><span class="o">(</span><span class="n">keySpec</span><span class="o">).</span><span class="na">getEncoded</span><span class="o">();</span>
+
+    <span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
+<span class="o">}</span>
+</pre></div></div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">See <a href="http://android-developers.blogspot.com/2013/02/using-cryptography-to-store-credentials.html" target="_blank">Using Cryptography to Store Credentials Safely</a></td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+This key is used to initialize the <span class="monospaced">Cipher</span> and encrypt some plain text into ciphertext:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">String</span> <span class="n">passphrase</span> <span class="o">=</span> <span class="c1">// user entered password</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">SecretKey</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+
+<span class="c1">//Pack the result in a cipher text blob</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol>
+</li>
+<li>
+We can use the same process to decrypt the ciphertext data:
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">The same salt and initialization vector are required for decrypting the data, so they must be saved somewhere. These values are NOT secret, so it is safe to persist them.</td>
+</tr></table>
+</div>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
+<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
+
+<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
+
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+For more details, see <a href="http://nelenkov.blogspot.com/2012/04/using-password-based-encryption-on.html" target="_blank">Using Password-based Encryption on Android</a>
+</li>
+</ul>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>Keystore and Keychain API</h2>
+<ul>
+<li>
+Since Donut/1.6, Android has had a system-wide <span class="monospaced">keystore</span> for storage of VPN and (later) WiFi authentication keys
+<ul>
+<li>
+See <a href="http://www.google.com/support/mobile/bin/answer.py?hl=en&amp;answer=168466" target="_blank">Working with secure certificates</a>
+</li>
+<li>
+Pre ICS/4.0, applications were not able to access it, so those needing to authenticate via client certificates ended up maintained their own key store (hard to manage across apps)
+</li>
+</ul>
+</li>
+<li>
+In ICS/4.0, Android adds support for <a href="http://developer.android.com/reference/android/security/KeyChain.html" target="_blank"><span class="monospaced">android.security.KeyChain</span></a>, which provides apps with
+<ul>
+<li>
+Access to private keys in the system key store and their corresponding certificate chains (subject to one-time user approval)
+</li>
+<li>
+Ability to initiate installation of credentials from X.509 certificates and PKCS#12 key stores (e.g. for installation of organization CA certs)
+</li>
+</ul>
+</li>
+<li>
+Also, in ICS/4.0, Android uses the screen lock password to protect the system credential storage, which works well with device administration APIs and prevents the user from disabling the password as long as they use the secured credentials
+</li>
+<li>
+See <a href="http://android-developers.blogspot.com/2012/03/unifying-key-store-access-in-ics.html" target="_blank">Unifying Key Store Access in ICS</a>
+</li>
+</ul>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>Encryption Using Hardware-Backed Private Keys</h2>
+<ul>
+<li>
+On Android 4.3+, the hardware-backed <em>AndroidKeyStore</em> stores device-specific private keys.
+<ul>
+<li>
+See <a href="https://developer.android.com/training/articles/keystore.html" target="_blank">Using Android Keystore Provider</a>
+</li>
+</ul>
+</li>
+<li>
+We can use these keys with the <a href="http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29" target="_blank">RSA</a> cipher algorithm
+</li>
+<li>
+RSA is an <em>asymmetric-key algorithm</em>, meaning it uses a separate "public" key to encrypt data and a "private" key to decrypt it.
+</li>
+<li>
+RSA private keys are stored inside a secure hardware element.
+<ul>
+<li>
+Typically a Trusted Execution Environment (TEE) on the SoC.
+</li>
+<li>
+<span class="monospaced">KeyChain.isBoundKeyAlgorithm()</span> will tell if other algorithms are also hardware-bound (and, therefore, non-exportable)
+</li>
+</ul>
+</li>
+<li>
+Advantage: This approach doesn&#8217;t require user input (password)
+</li>
+<li>
+Disadvantage: Key generation is slow. Technically key is retrievable (though it would require dismantling the SoC)
+</li>
+</ul>
+<p>Here is an example of using a non-exportable key to encrypt a chunk of data:</p>
+<ol>
+<li>
+<p>
+To encrypt data with a hardware-bound key, we first need to generate one for the application:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="c1">//Create key pair with self-signed certificate information</span>
+<span class="n">Calendar</span> <span class="n">cal</span> <span class="o">=</span> <span class="n">Calendar</span><span class="o">.</span><span class="na">getInstance</span><span class="o">();</span>
+<span class="n">Date</span> <span class="n">now</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
+<span class="n">cal</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="n">Calendar</span><span class="o">.</span><span class="na">YEAR</span><span class="o">,</span> <span class="mi">1</span><span class="o">);</span>
+<span class="n">Date</span> <span class="n">end</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
+
+<span class="n">KeyPairGenerator</span> <span class="n">kpg</span> <span class="o">=</span> <span class="n">KeyPairGenerator</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA&quot;</span><span class="o">,</span> <span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
+<span class="n">kpg</span><span class="o">.</span><span class="na">initialize</span><span class="o">(</span><span class="k">new</span> <span class="n">KeyPairGeneratorSpec</span><span class="o">.</span><span class="na">Builder</span><span class="o">(</span><span class="n">context</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setAlias</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setStartDate</span><span class="o">(</span><span class="n">now</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setEndDate</span><span class="o">(</span><span class="n">end</span><span class="o">)</span>
+        <span class="o">.</span><span class="na">setSerialNumber</span><span class="o">(</span><span class="n">BigInteger</span><span class="o">.</span><span class="na">valueOf</span><span class="o">(</span><span class="mi">1</span><span class="o">))</span>
+        <span class="o">.</span><span class="na">setSubject</span><span class="o">(</span><span class="k">new</span> <span class="n">X500Principal</span><span class="o">(</span><span class="s">&quot;CN=&quot;</span> <span class="o">+</span> <span class="n">KEY_ALIAS</span><span class="o">))</span>
+        <span class="o">.</span><span class="na">build</span><span class="o">());</span>
+
+<span class="c1">//Calling this also binds the private key to hardware</span>
+<span class="c1">// You could obtain it here with getPrivate(), if needed</span>
+<span class="n">KeyPair</span> <span class="n">kp</span> <span class="o">=</span> <span class="n">kpg</span><span class="o">.</span><span class="na">generateKeyPair</span><span class="o">();</span>
+
+<span class="c1">//Use public key to encrypt data</span>
+<span class="n">PublicKey</span> <span class="n">publicKey</span> <span class="o">=</span> <span class="n">kp</span><span class="o">.</span><span class="na">getPublic</span><span class="o">();</span>
+</pre></div></div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">You only need to do this once, and persist the public key somewhere for re-use. Generating a hardware-bound key is expensive (many seconds).</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Now we can pass the public key to a <span class="monospaced">Cipher</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">publicKey</span><span class="o">);</span>
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+To decrypt, we retrieve the private key from the keystore:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">KeyStore</span> <span class="n">ks</span> <span class="o">=</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
+<span class="n">ks</span><span class="o">.</span><span class="na">load</span><span class="o">(</span><span class="kc">null</span><span class="o">);</span>
+<span class="n">KeyStore</span><span class="o">.</span><span class="na">Entry</span> <span class="n">entry</span> <span class="o">=</span> <span class="n">ks</span><span class="o">.</span><span class="na">getEntry</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
+<span class="k">if</span> <span class="o">(!(</span><span class="n">entry</span> <span class="k">instanceof</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">))</span> <span class="o">{</span>
+    <span class="k">throw</span> <span class="k">new</span> <span class="n">KeyException</span><span class="o">(</span><span class="s">&quot;Not an instance of a PrivateKeyEntry&quot;</span><span class="o">);</span>
+<span class="o">}</span>
+
+<span class="n">PrivateKey</span> <span class="n">privateKey</span> <span class="o">=</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+The private key can then be passed to the decrypt <span class="monospaced">Cipher</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">privateKey</span><span class="o">);</span>
+
+<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Lab: Encrypting File Data</h2>
+<ul>
+<li>
+To begin, download and import the initial <em>SecureNote</em> application (if you are using our student VMs, you can skip this step and simply open the <span class="monospaced">SecureNote</span> project):
+<ul>
+<li>
+Option #1: Clone separately and import:
+<ol>
+<li>
+<p>
+Download the code <a href="https://github.com/thenewcircle/SecureNote" target="_blank">from GitHub</a>:
+</p>
+<ul>
+<li>
+As a ZIP archive: <a href="https://github.com/thenewcircle/SecureNote/archive/master.zip" target="_blank">https://github.com/thenewcircle/SecureNote/archive/master.zip</a>
+</li>
+<li>
+On the command line: <span class="monospaced">git clone https://github.com/thenewcircle/SecureNote.git</span>
+</li>
+</ul>
+</li>
+<li>
+<p>
+Open Android Studio
+</p>
+</li>
+<li>
+<p>
+Select <em>Import project</em>
+</p>
+</li>
+<li>
+<p>
+Choose the root directory of the cloned project
+</p>
+</li>
+</ol>
+</li>
+<li>
+Option #2: Import directly from GitHub:
+<ol>
+<li>
+<p>
+Open Android Studio
+</p>
+</li>
+<li>
+<p>
+Select <em>Check out project from Version Control</em> &#8594; <em>Git</em>
+</p>
+<ol>
+<li>
+<p>
+Enter "https://github.com/thenewcircle/SecureNote.git" as the URL
+</p>
+</li>
+<li>
+<p>
+Choose a destination directory on your machine (e.g. <span class="monospaced">~/StudioProjects</span>)
+</p>
+</li>
+<li>
+<p>
+Click <em>Clone</em>
+</p>
+</li>
+</ol>
+</li>
+<li>
+<p>
+After the clone is complete, select <em>Yes</em> to open the project
+</p>
+</li>
+<li>
+<p>
+Click <em>OK</em> to run the Import Wizard with the default options
+</p>
+</li>
+</ol>
+</li>
+</ul>
+</li>
+</ul>
+<p>After importing, you will need to click File&#8594;Sync Project with Gradle Files</p>
+<p>Once the project is imported and open, build and deploy it to a device/emulator. You should see a user interface that looks like this:</p>
+<div class="imageblock">
+<div class="content">
+<img alt="images/Lab-SecureNote.png"
+src="data:image/png;base64,
+iVBORw0KGgoAAAANSUhEUgAAAWgAAAKACAYAAACxGuKnAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAL
+EwAACxMBAJqcGAAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6
+eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg
+eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K
+ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlm
+Zj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRh
+dGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9y
+ZGY6UkRGPgo8L3g6eG1wbWV0YT4KTMInWQAAQABJREFUeAHsnQW8HsXVhyfuISQhQUKcBHfX4O5Q
+3KVIaZHiBVIoUOhHkVKkRUpxdynu7hogkARNQtw93z7n5lz2bt732t6FTfY/+b2yuzNnZp6d/c/Z
+s/PeNGrSpMncoCQCIiACIpA7Ak1z1yI1SAREIBcE5s6dG3jFU6NGjWzTP+PH0n6nrrrYnTNnTpUq
+KVuX8lUK53SjkTzonJ4ZNUsEfgUCiB5CGelCaN26tb2aNWtm+9g/derUMGXKlDB9+nRrHfnSJuqk
+jkUXXTSMGjXK6qpOaGlH06ZNQ5cuXULjxo0tP5/Tpk0LI0eOtH1p25SX8hLovJwJtUMEfkUCiCQi
+17Fjx7DIIouEmTNnhuHDh1cKcbxpSyyxRGjTpo0d++mnn+yzvt4r9bZs2dJeY8eOtWoQ69mzZ5f0
+hhFnjvsEEW8X35lUEOrqBD5ZJs/bEug8nx21TQQyJoDg8VpyySXNKx02bFiVGtddd92w+OKL2z6E
+74knnqhyvH379qFTp04BoZ40aZJ53lUyVLNBvc2bN7eJAa/8t7/9bXjyySfDkCFDbD8iHU9s4zXj
+PeNtDxgwoDIfoo33/OijjwbahCc+efLkWnnTtKOUoDN5kGo7+Xh+JrpSqabjpcpIoEtR0T4RKAAB
+BAOxQ4C//fZb6/EWW2wRdt9997DyyiuHrl27mhDilSJiCCReLq+vvvoqPPfcc+Ef//iHlWvVqpV5
+r6NHj661SGNvueWWC5999lm4+eabw1prrRWWXXZZE0S86hkzZlSeBfK2a9cuTJw40fb16dMnvPvu
+u7YPb5r8bK+xxhqVZTx/qTAM/eHVokULY8AE4SINFwS/Q4cO1hfCOhMmTKg8XlnBvC/khxH1kchL
+GRfqmo7PM1PyQwJdEot2isDCTQDRQJwQN4Rqr732CkcddVRYddVVTZhq03vCIHi7Dz30UDj55JOt
+CCGSMWPG1CjSCC5iPGjQoHD66aeHCy64IAwePDgss8wy5iWPHz8+zJo1q7IZHp8+99xzwzrrrGOi
+uvHGG9sn7Udc8eLfeOMNq/s///lPuOuuu0Lnzp0Dk4aLpRvEHp42gk85JioSdVKGbUI8npZeeunw
+448/Bri5kHOMfjDB0V5EmYRQI9gjRoyw7eqOl5o8rNC8N63iiNPQdxEoCAFCC7wIW9x0001hzz33
+DHjBJPcua0KBl9mvX7/wxz/+MWy++ebhxBNPDM8//7wJfDmPE3FDBCmHOBPWOOOMM6wq2kJCBJOp
+bdu2FrZYb731Al4+iXa6YPK52GKLhR122MGOvfnmm/bp5WwjekNQCckQAuFFwov/4osv7Bji7Pu3
+3nprs0lYhzsMBB1PGxv0gzoJubiQw5B99957rwk/kxX5yh2nvUwO1Yl06WCJNVtvIiACCyMBhI2H
+fIho3759A0KEOCOcCAwJj7O6F8KDHcSKtNpqq1lMmO9+q8/3eHJxpk4EcddddzXPGREluZfLJ7bj
+ydvlYQ+vN1mGcvQD754Ut0MZ96gRz7///e/h008/DRdffLH1g7AJ4kyoBYHnzuDGG28Mn3/+ebj6
+6quNF543D0nxqJdaaimLe++zzz7hyy+/DLfddlu44447LGSzyy672J0E3nu544gz3rX3Jd5f/y6B
+dhL6FIGCEEAox40bZwJDWOHxxx+3nnNbzzEXX3YicPGX7+OTfJ7whgcOHGibCH8ykRfh7Nmzp4Uy
+VlxxxXDllVfaqhEXUy8Tt5vc58f804/7J/v95fv4ROC7d+9uAozY4hH/4Q9/MO8Z0SW5TcIjiPQj
+jzwSLr30UjtG+AdvH1H94YcfAg9Tv//+ezt23nnn2USHmN96660WurnwwgvtGG+ljhPSITHheIzf
+diTeFOJIANGmCBSFALFiPMlDDjnEPGpu0UkIsosV2/497o2yD8+P23OE6sgjjySreZfEauO37eRF
+nPE4hw4davmID7NyBOF0L9jte32WsQHf3FPFY3/nnXfCK6+8YrFzr5fJiruJ3r17mwfNw1ISoSDE
+fP311w/XXnttOOWUU0LPaKI55phjwn777RfwvJ955plKBsTRyUuMHL7lju+2227hvvvuMy6Ifql+
+y4NuwAEgUyKwoBBADPyhFuGN3/zmNyZa7EewXLToj2/7MT4RVkQYG3iIL730knmRiLM/cHMWiDPx
+Vvc433vvPfNc4+LsebP6ZBKgflZmHHDAASaeLMljP/0hsWqFUMXhhx8ejj/+eHtg6vv5/O677/gI
+hx12WDj66KMtFt6jRw/bh8B68nzEtom1k0od92Pxycxt+Kc8aCehTxEoGAGEAS8aTxahXXPNNS3e
+inC4d+zi5WhcnBE2QhPEcfEqfUUG4hwXd+zwwxf3kvE0WSmCOCdtex1ZfdJfD+0g1oQ84omJ6uuv
+v7YXYQceCLJihHgyIZEzzzzTsl9//fW22uTpp58OW265ZdyEfadvJJb+sVImmZwPx0nVcZAHnaSn
+bREoEAEEFe+Oh14k1j/jASJmHhJwD5rjca/38ssvD3/6058qV2RQxsWHvHxHhFg1wZKz+++/P2y2
+2Wa2H1GqTpgon3XyB45ejwvrCiusYOLMflZk0C9facIDTh4qHnHEEVbMJx630dCfEuiGJip7IrAA
+EUBEEWk8RMSHddEDo4d9rA9GmNzTRUzJ66Lqa5979eplD8zKCRXCj1d63XXXmSfqaNyeb/9Sn9Tr
+Qux98brZzwqNTz75xHYR7iBu/uc//znccsstNnkRp+YOgxgzyZcG2sa8N2fBseQkQBav13+uHp/U
+4nb4rhBHkoi2RaBgBFykEZ/+/fsHbuFZ33vOOefYLbqLNPkQH+LNO++8s3nG/KoQoUHM4wnvG1ss
+UbvkkkvsQSTHsYWN6kQpbifr7/F24O3DgPT2228HJh/WdvtKjg8//NAe+rFEkBfJ8yPsnggZkchD
+eIdU6jgTAMknDNtIvEmgE0C0KQJFJIBQIbIIKsLKMjGWn/ELQQSVB3142h999JE9YIMR+ZM/7cY7
+JK//hPuEE04Ixx57rNlwcaase5Hx774vLpocL5c8v3+Wy1duP+Xom08ufCfxYxt+Mo4g94xWa/BD
+HvIQtz711FNtrfPyyy9vKzs4xkTGj2eYiGC04YYb2sNGfgpP4teWyeOI9z333GMPLZnkyvVBAm0I
+9SYCIgABRIq/s8FSM5aT8SCNn4EjPKz95cclJEIXhEXYHxdUxBlR4+9r7LvvvuHss882L5wHioic
+x7XNSPSGMLGPet2Of3oePn1f/DPpeXLM7Xi+uA3/7sdoE39QiYeBJEST+DMhDEIThHxYr02fWGrH
+Wm8Emv1MQO4Vs4oFkf79739vdhDks846y77zBoO//OUvVY6Tn8SDSR5c+iRhO2NvEugYDH0VgaIT
+cMHkF3X86m7vvfe2TwTppJNOMvFmXS8inhRnhI/QCGudDzroIPtDSv6rQn4WXi655+qrGsiX9Cg9
+j9spJ2iUpV28SKXs4PWTWAfNkjv/aTd1MAkdfPDBgbXSlEXE6Rf2/Ac4TFjdunULL7zwgok0P1Dh
+xfI88hIiIvFwFBvEr3klj8MquWbcCsbeJNAxGPoqAiJQ4UUjRv4LO27Pe0XxWDxDHpqVEme4IXAu
+iPxtDpbwIXguruRx75Xvnpd9iDPhExKimPSO/WEbgsafFSXu7eWt0Lw39uGRUzcJW8nEcYQeO6ws
+IVE/efmTqfzJ03KJCYf+82IJHe3h59r8vQ0ehHryfWz791LHq5toKKu/ZgcFJREQgfkIIGQ85GI1
+AoLoQlOdqFAGEfM/Czqf0Rp2IJSIcSnxRbTjf9aznCkEH4GmLaXsUI489INf+tE3/hqdTyTs4xh5
+KO+fCDjeN380iXa6J0678LjZT8JW/G9R13TcCpV5k0CXAaPdIiACFX/9DVFEkBC96sTZeSFIiBq3
++C56CF0psSQfLxLCjLCXy4ct4sG1TYQlaEspe27Dj8fzsK9cog3eZu+b52VCIJVjVNNxtxP/lEDH
+aei7CIhASQKIUlzESmaK7UQcye/iGztU8it5EUYXsVKZsEVYgVc5u14nv4yszlYp+3ncF/WnUcX0
+lcfWqU0iIAILJAGEsj6pnPDWx9bCUKapPxVdGDqjPoiACIjAwkSgqa/li3cqPvv5jMY+/07eeJ54
+WX0XAREQARFoGAJNk4HupNm4EMe/J/NpWwREQAREoGEJ6I8lNSxPWRMBERCBBiMggW4wlDIkAiIg
+Ag1LQALdsDxlTQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk
+0A3LU9ZEQAREoMEISKAbDKUMiYAIiEDDEpBANyxPWRMBERCBBiMggW4wlDIkAiIgAg1LQALdsDxl
+TQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk0A3LU9ZEQAQK
+QoC/jx//G/lZdFsCnQVV2RQBEVioCSDMrVq1sleWIt2gAu0N5Q/78x8B6A/8L9RjVJ0TgUISQOfa
+tWsXPv/8c3vx3bWvoYE0bQiDNA5BpqGkmTNn2v/Qy/93yP/uO2XKFPsv1RdmwYYBfWVWhQUM6He8
+z+Rp3ry55eF/MJ48eXKN/y18ufPjAyJuv1xe7RcBEWgYAlx3/K/iH330UVh33XXN6Ouvvx769+8f
+pk+fXuV6b4gaUws0QoPoIMYffvhhyTbx/x527NgxTJo0ycSrZKYFeCcnjf4PGzbMJiLvynLLLWci
+jWB7ni+++MIPh8UXXzy0adPG/nv42gqt22nbtq3ZgSmTQW3LV1auLyIgAnUmwHX38ccfh7/97W/h
+sMMOs/LXX399OPnkk8OKK65oGteQ12KqEAdigTjjCX766afhT3/6U3j66afDJ598Yq7/G2+8Ea69
+9loTD/bROQQ9mbDDq6ZU23w12UkeL2e33P54efLgNX/55ZfhoIMOCs8880x4+eWXw8CBA8Nnn30W
+FllkEeuz5znjjDPCK6+8Ep544omw2mqrha+++spm5KTNUnWzj4ngm2++Ce+99569hg4davs4lkyl
+bCTzaFsERKB2BNA6whobbbRROPTQQ8Oiiy5qL76zD+cL77ohUyoPmlv6GTNmhB9++MGEefPNN5+v
+bWuvvXbYYostAsJ05513hhVWWMEEnVmGF53GDsLNLcLs2bPn8wZdmMhLIg954wkbeKoc4+WJfRzD
+Bp4mie0mTZpUbrds2dLKTJs2zeomL3moj/KzZs2yfrI/mdjnJ2WZZZYJm222mWVZdtllTYTffvvt
+wH7Ps9JKK4X111/f2nPXXXdZXurx/sTr9X76pEY7Bw0aFPbdd9+w1157WVtheuuttwbqi7ef/lFn
+Te1P9kfbIiAC+SFQb4FGmPCI33///XDbbbcFF2c8u2effdYEDTFCsHr37h3OOussE2iECPFAlPjk
+dsETQta6deswceLESqFEYNq3bx/GjBljXqrnxTaTA6JEnlGjRlm5zp07mw1Ejf3EgX/66ScLJTDj
+sW/06NFmr0+fPtYGvHsS24gisfSpU6faXYHXx+0LQs1+bMSTCzcTgE8OnTp1Cn/5y19sckIoPQ9t
+JmHH8/ox+ul3I26fCY0EExd5eO600062/5133rFPeMICW3VtvxnQmwiIQLUEuHaJNb/00kvhhhtu
+CIcffrjp1I033mj7sghx1FugudVGNEh4yaTBgweH1Vdf3b77G94dHh9C8+c//zmcc845YZ111gmE
+P0hbbbVVWHrppS12gzdIoqPYdm/ygw8+MJHeb7/9TNi5rX/uuedMiJZaaikTO/dSKYeYUxYBXGyx
+xULfvn3NWx45cqR56gjxKqusEvBuyX/IIYfY54svvhi6du1qDwBoB14qk9C3334bnnzySbNJPYh+
+XKQ95sQn+317k002sYnpvPPOCxtssAEmK48lyxOL9hi+1zt8+PDw6KOPWjn4uSfNxObizncS9jiO
+yPMAg+R2amq/ZdabCIhAjQR45tOvXz+LOf/3v/+1/Fxv7OOYX/s1GqplhnoLNA3BY8NbQwxJeIUk
+Zpkll1zSYqUPPfRQ6NWrV+D23G/jEWfCHog1QokNjg0cONBmJgLweMjsI4575ZVXhh133NFsIkjj
+x48PeI6nnHJKePfddwMP466++mqr9/HHHw977rmnTRpvvvmm2WMbkTr44IMD++6++24LCSC6Xbp0
+CRtuuKF5y4ggIk4sff/997d245lOmDDB7hROO+208Nprr1l99LXcyUAoaTtxZ+JTCLRPZqXK4Bkz
+WeBx09aePXvaRMQJp/+XX365hTGYzO6///7ApIQdXieddFI44ogjwqmnnhp8wBBOOuCAA+zOpT7t
+t5OoNxEQgWoJ+J1vtZlSHqy3QHM7z238999/H7777rvQo0cPE0gEGYHDwyX9+OOPFtrgO0KEUONN
+8uSze/fu5gny0AtbxFERacTsmmuuoUjg9gFhJY0bN85CAAgUIRWOIfBMFL4ighAHCQ+fxOoRvGBW
+kvhEwnf27bzzzhbiIB9iSrrgggtM+JkIEGYEu1u3bmHjjTcO//73v837x4NG+Ah5JBOiiXdLmGfA
+gAGhZyS23BngzZZLiDMifNxxx5noIswjRowwIV5rrbXCZZddZuEcQjHUCXvqJ/m2e9IXXnhh+OMf
+/2h9rU/7y7VR+0VABILpBmHZiy++2BwjmFx33XX5W8XB7OEChbggxIgGni4rORBoxA4PlbTGGmtY
+6AIxPf30002cEVy8aMQdL5BlasSg8TpJe++9d9htt93sO143godY4i3jpa688srhn//8ZxgyZEhl
+W/xBoM9u3kbiR77PPXm2n3rqqXD++eebneWXX95WYiB2nATqJvxC/yiDh33RRRdZOxF4DzlYA6M3
+7PFiIsDTfuGFF+zQdtttF4488kj7Hg9tuKhus802FgZC3BHh3Xff3fgQtydcw6TD3QIrZZjEGBye
+LrnkEsvLyhAmK1aSUD/txw7tR+Br0363qU8REIH5CaBvvoqDJXYdOnSwF3rFXXgWqzgaz9+M2u1B
+THigRbyYkAGNfPXVVy3MQdwXMUWIEY5//OMfFpJANIjLsryMRHwVcSTdfvvt4YEHHrDvxHlJhEGI
+qeKxIjLEohGoY445JrA4nPp58EeiPfFP26hmP8d5wEnYAI8foUNECc0g5oQlWDJHOv744yvjw0w0
+JIQ/Lra2M/ZGu7fffnvzwBFzvGOSTxIu5OxDSBFh6mXyIfTCIngmOEI2JMI4hF1I3lds+CTB4CCW
+zt2Bt5+JknTCCSfUuf1WUG8iIAK1IsA16dd2rQrUMlO9QxzYR6AQSW7D33rrLQtd8GQTj5AYMg/n
+ELzf/e53Jhx77LGHedLEnEmUw9MkHIHn62KLoOF1uvfNqgvEndULeJ3EuI8++mgLX3CMGLcLlRku
+8xYXNrLQdtKWW25pnjR2SNjCYyW+Sx8RYzxRkodQuBOgLeXqJZRDuueee2xCYSIjxkz83JOfUEI9
+JFaicKfAHYV7/sTYuZPgISL9Jrnnnfxen/b7w0YzrDcREIGyBHB8alrF4ZpS1kgdD9RboBEXhJUV
+FYQYSKyOIB7Di4TIIaQ9ozgsoQ9eiKQLDE8+kwnBQ6yJCXuclW2EmHKU58XSOV/1QL2ekiLs++Of
+nsc9YGK1JI9DU697yl7OhcwFGQH1mLbncbtsu8Aee+yxFrfG3oEHHmgPAzlOXhdoj5cThiD27AzI
+58vx6DsiTfJycRvsT9t+bCiJgAiUJxBfxXHTTTfZdZzLVRzEiomJcvvMigFEhQd7CAyeMcJCrBSx
+Y3kdn4QsCE24wNxyyy3mufKADxFGMPFMEZp77703HDzv4SDeKGETbOJ9M0sRv/aHjC60YHUBdbHy
+bY55vXyPJxda6iYh2H/9618ttOKTBALNCxHlISXJRds2qnm74oorwlVXXWVeOHcHJMTVBd1nXdpM
+P8eOHWsPI8jHQ07aQNvj3jfH2Bfve1btpy4lERCB+QmU05T5c9ZvT708aBrlooZAeEyZVRF4z76C
+gyZ5Pv9OrJkHe4QzeODnS8O8+XjZDz/8sG3y0JCEaPGDF+LQnlizTNjgkUceMc/UQTFxkAi5kPzH
+HXx3QeR7PHlZ1nGT+Hk2DwB4IBhPO+ywg9VHjBwP2ct5nuQ2+1n9QR8J++yzzz6VYZx4Xn4mTiKk
+s8suu4Szzz7bJiP2+fppxJlwB4myvGDPjO4p3n76UNf2ux19ioAIlCaAg0W4laXAhHNJWa7iqJdA
+I3R4fcRjeLjGD0gQaTzkBx980B6uIRwcR5QQEh70+Y9T+ESweGDIQzBEm7TtttvaAzPWKvNUlB+5
+8AAND5sHg4giIRUehvHbdxJxWxIeNYmVGDxcQ8wQVISdFBdE96r9k7YRK+dh5q677hp6RiGZo446
+ykIKPOTkxyv0kTAFebhrYAWJh0bcNp/YpL++D9vElPmxDg/+iBNzjBd3DSROsNfL02FiXazzZk30
+gOhhK4ltn7hgT3nOAxMATLhzYdCw8oT6CC0xmGg/ws8DxlLtLzdpWaV6EwERqCTAnayv4mBRBE4c
+ie8sL0bXuL65fhsq1UugqZzbe7/950cSl156qS1D4yfIvFyoyEuDEVs8SeLOzDwIOYKBUG+99dYm
+OAgbCbEh8QARb5vVIHitiCP1egwb7/nEE0+0vPfdd589mMQzJ78nv+33kAf7/QGee9fYZB02sSS8
+TlZw8DCQlRcInd8FIMjEwkku7nx3kSOW7G3zuDKTCt4siRUaTB7Yow3eX0JFTHTUy0TBJ+W8Xo4T
+z+dOgn7873//s0mCUAt3HDA888wz7eemiPTAgQPr1H5rnN5EQATqTQANcKes3kZKFGwSCdrAEvtr
+3EWDEF5EgpmDGCueJqKCeBEv5kEeokcMlqVseNQIGD9uQayYbRBJBBKPm6Vi/PU7HqxxjJUTrILA
+O0Z4ETQElx+23HHHHRbawFv0fHiMCC3tQkzxzhEzRO/rr782D5T12gga7eTvhvDLPMSY+rHz2GOP
+2U/WmR3J4w8oCZkg/PxYhfXQeLEuzPSJvhJyIS6OiBOCwXvFNm3BNssI8fAJwxC+oW388SMmKiYs
+uNBP6qUP/NSbpXLM0PyikL4yKSLYJI/B82MaliyyhppzQcgk3n7WUnNXUq79NZ5sZRABETCdYhkr
+PyzDWWLpK8+k+Lsc6ALXtjuEDYWrUSSE8/+JtjpYR4xZXcCtPLfanugIYugJ8ULUEGMECgH3GDO3
+4IiMJ+8oeeN/W4LjCJ6HNfDGqR8RxSYiRkIM+Wl3MiFweLYeq+U4njnlEVtsJetD3PlrfZ7oB790
+dO+X/cyc2GXi4ISRsOd/A4Tv5GEy4hbJk//6kfrxspnMPHEMgSYx8fGwEMbYwvtG2En0CY5MTuTD
+wyZG5qk27fe8+hQBEaieQPw6JmTJ9cidPs4n1z7bDZlSCzSNodF4faywQGxYhYAHiGggPO4he8Nd
+0DiOUONxInB4vwifx3bdNvnwUskHBEQasUMose1QqJ96yed1s+12fHajLPZoK8e9PPl8wiEPnjt1
+YJd+kNdF0ozG3ugTNilHIi9hirhtvnuohfy0h08Sn0x0cMDjpR68afrBxBZvJ3nZj30mKyYVbNN2
+jjFZ1bX91gi9iYAI1EiAawxN8L+CyR01OhG/1ms0UssMDSLQXhcCgUgh1i4YiAgdKtV48pOXF3nI
+i+DGvVNse3nECzvk41Uqn9ePbfeMyYcNXiRs8IrvswPz3jwf9VHWbXnZeN7kd28TZcqlZHs8n9dL
+GIP2wYJ+8j2ZyBvvK/k8uZ36tN9t6FMERKA8Aa4xd7ZwMktdo+VL1/5Igwp07atVThEQARFYsAm4
+I5SVOEOn3qs4Fmy0ar0IiIAIpCOQpTB7yyrWtfmWPkVABERABHJDQAKdm1OhhoiACIhAVQIS6Ko8
+tCUCIiACuSEggc7NqVBDREAERKAqAQl0VR7aEgEREIHcEJBA5+ZUqCEiIAIiUJWABLoqD22JgAiI
+QG4ISKBzcyrUEBEQARGoSkACXZWHtkRABEQgNwQk0Lk5FWqICIiACFQlIIGuykNbIiACIpAbAhLo
+3JwKNUQEREAEqhKQQFfloS0REAERyA0BCXRuToUaIgIiIAJVCUigq/LQlgiIgAjkhkBT/y+a/I9P
++2duWqiGiIAIiEBBCPjfmPbPpv7F+8+2RNpp6FMEREAEfhkCcS3275UCHRdm/z/z6tssCXx9yamc
+CIjAgkbAxbQ+7fayrpm+jS2+N/X/5DRp3Ask9/t2dcfjlXh+fYqACIhA0QjUpIXljvt+E+hSYkuG
+Uvt9nxsoGnD1VwREQATqSqCUXpbah934fvtPY+M7aqqYvC7SpfL6sZrylSqrfQ1HwM8DFutyfhuu
+BbIkAsUg4FpX3XVW7li5/ZDjWGUMmh3xi9oz8OnJj9dk1PNXl8/z6LPhCHB+CFk1adLEXvBn35w5
+c8KsWbPsU+ekPG/n17RpxX92Xxtm5IXp7Nmz7SW+5fkuzEdqe95rypc8XjES55FLHnRBdrDJ475f
+n/kg0Lx58zBz5szwww8/hBEjRlQ2arHFFguLL754aNmyZZgxY0blfn2pSoDJDT7w43vXrl1tomOC
+KzX2uT5GjhwZpk6dGjp37hxatWo1n5NTtYbabXldyeuvdqWVa0Ej4Oe7VLsbrbrqqtE4mFvqWMl9
+5K3OYMlC2pkZAT8feHJDhgwJHTp0CGuttVZYYoklTDCmT58efvzxx/Dee++FYcOGheWWW848PS+X
+WcMWIMPOgskNoe3evbvdbQwaNMgEG7Yu0p6X7WbNmoU+ffrYxIeo8+J3BZ63PgjcPtcY3327PrZU
+Jl8E6nouGQP1ikHnq9vFbg0nkZAGYrLPPvuEAQMGhCWXXNJEAy+QQTFt2jTzqF9++eVw8803m6gg
+InUdMAszae4+YLjllluGnXbayTzoN954I5x22mlh7bXXDkx07pjAG6aI+b777hs6deoUnn766XDu
+uefOl7euzKhjwoQJ5pUz2XLXk0bw61q/8mdHwMdPXWqoEuKoS0HlzQcBvLgvv/wyHHXUUWGHHXYI
+rVu3DmPHjg3ffPNNmDJlil3g3Kr37NnThJvvF110UVh22WUtLl2qFz6QEPDapvqUqa3tZL6a6qrp
+eCl7lCG8gbeMWJO4EznkkEPCgw8+GPr27Vsp0uSFDRMgefGaKUfyum0j9hbfX4orx4ljk0488UQ7
+V6+++mq46aabQo8ePcqeK/K77VJ2Oa604BKQQC+45848Z8R4/fXXD5tvvrmFNL744gvzkt98803z
+8hDwlVZaKey3334hCmeFDTfcMAwePDg8/vjjduFzW++JvCT2cdHHtz1P8tPzIC54ev6Akgds7HPx
+oJzn5VgpMUHkXKiwRWKb/eR3+5T3Y3E7br8u7TdD8978joNN6sB73XbbbcMrr7xi4kzfvF3k8Tax
+L94Ojnmi7djFHvn4Tjv57u0kL/u9/qWWWsrODedy0qRJNgl4n90un2n7G7el7/kkoD+WlM/zUmOr
+EAQufsR2jTXWsNjzxIkTzdt78sknzUNeccUVw/LLLx++/fbb8Le//S0MHz48tGvXLmy00UZh/Pjx
+laKCMCA+X331VXjrrbfs2Lhx4+w79jmGUMZFyIWTuCtleChJ/XjzTA6EBBAQypAXQfrwww8tL+EB
+9iXT119/bcexw3FePIDDPvFzPFy+jx492uryyaU+7U/WzXayf4hit27dzIv+4IMPKvvjZb2NpfpC
+HvpPW+Hx/fffh8mTJ4fvvvvOtplY8b6dD7zeeeed8O6771o/6Rt95zV06NDKtpG/ofrr/dBnfgnI
+g87vual1y9q2bWsXLRczQoBg471ykfNCZF577TUTOUIcrDYgxIHgISLk4QHj3nvvHVZfffXQsWNH
+q3vMmDHh/fffD3fffbc9OEMY3AtElD755JOwyy67hHXWWSd06dLFJgzCKgj9E088YQ8niYcTU+X4
+BRdcYF7pCy+8YEJLPdhDCBGrk046yeK5iPDzzz9vAk389w9/+IOFbR544AGL8/br18/afuedd9oE
+RVgHb5MYfE3tj4twEjB9cgGkHz/99FPo1atXWHPNNc32M888Y56thyKS5ePbTJ7w4c7m6KOPtpAF
+fUSIEekXX3wxvPTSS2GFFVawejhnv/3tb81E+/btjQnn6IorrjCRvv/++82bJpzC+WIyK9ffu+66
+y9rJ+aquv/H26ns+CUig83le6tQqPE5EA6FGoP75z3/aJ7foXKCIwsorrxweeughEwU8WC5eEuLI
+Ng+4ECIEwD1cxAkvnPjr5ZdfbiJLOV54dWeccUbYYIMNzCtH7LFFeVaKrLLKKuHWW281kaIeb1ub
+Nm3My2ZCYPkf7XPRp41MJggjnjmCtvTSS1sseNSoUfa9f//+Vj/1IfBMIuQ777zzLB/fq2s/balO
+tPwYfeROZOedd7Z6ie+//vrrJo6Ib3V2mPSYMH73u9+ZQNNORJU2w4c+EG5iBQjxbfazDBKRJpGX
+F6GO3r17mxf+2GOP2URH++hfQ/XXKtRbbgk0iQbGwNy2Tg0rS8BvqwlZcOvMBb/IIovYRc3F/tln
+n5n3yzHEES8TTxbvlvAGQoaQcEt96qmnWmyaCx/PDiF/++23TchYrsdDKsQeTxpRwas+8sgjLT6L
+WGHj4YcfDqwSwYNnVQNCi8Bw2064BM+dh24I38cff2zhDrxqBIfJBTvE0t0bxotmH0KPSBFmwS4h
+F+qjH4RTCD2cfPLJNlFwBxFvP8Lv7UcY77nnHrsTYCJxfg4Y+yxHXHfddW2CoV3/+9//jBUTzqKL
+LmoT0R133GE8qAve6623nrWZ9jwfef1MaqwG2WuvvcJuu+0WmJDYhg93Dni+nDPaRV4mV/rDOSKM
+Q39gxwoOlkZyLihPmCp5vqrrr58vlgyW6q/3W5/5JiCBzvf5qbZ1iAiC9umnn9rFi5DhrRECIDSA
+R4wwEh9GcPFY2eZCR/zwUrfffvuw4447mmDx4BBPGrsIwu23327Cj0AjIJ9//rkJCiLN8jIECgE+
+9thjLT/C/+ijj5rgEvtGhBDfRx55xEIqhEKYGGgvAsxxRJQ8tGnjjTcO3N4jwoRkEM3VVlvNyiLs
+7DvmmGPCs88+G1gCR7/wcGtqPyKFKFIvYkXf6WM8uUDTRtpOPvLfeOONJsK0FX7cjcAB7rySAg1f
+RJnVH+QnL6symLwoi+jjXfPgFpsIP33Bi2apHvFqhJ39iPVll11m4R3q4hnCdtttV2N//XxV1994
+3/U9vwT0kDC/56ZWLeNWGE/stttuMzHBc0ZcEKUB0Zro/fffP5x55pnh/PPPN68MbwyxI+HtIuKI
+L4LM8jtCCggJgklCNPDCEX5CEJTHE8abxSN/7rnnrAzxUrw+vGA8bTxK2kY5UlIQbWfsLenR+iHK
+IZ7EhLnN7xktFySsgnDzAK6m9j/11FNWlnYgioRKsFdTireX2Dfl6B+hDsQUxs7RbcEMEYUBQk2b
+8arhx+oZyvP50UcfWagJzsTo6Q+TG+EpwhweC8ce7SYPdRG75nh154v+xs9XbfvrfdBnvggoBp2v
+81Gv1iAWeM3cQuMF41EipnhS/ss4bpuJJ+PN8sAJb5vjeHEkbrV333138zTxaBEExADPjVtpPFtC
+EiQEA08YMUKIERFEgURbCLcwYSCohE2oB5vJFBfB5LHkNp42dfJC2LCHWNel/X43wSRUU0IkqYN4
+MVx5mMcPWLh7OOywwywGTL/iCc+c1RnsJ8TAHQoT5jLLLGN86AOiTciEB4iIMueHfhCvdw8dmy7S
+xNhhymRHvrr0l/PFT9Fr0994P/Q9PwQk0Pk5F/VuiXu7XIhcyDzc4heDeIyIJV4mooBA7bHHHiYM
+xGq54BESPEKEiFt7RDPpzbKNMBImIFGGfQglgpT0kjmGsPBjGcIgCFdNqSaxxiZ5fPJA+BG3urSf
+tiCS2KpNIh+CCsdrrrnGGCLUhDW23npr4xi3BUdCE4Q4vCwerHPzvPCADxMfE6Hnp02eJ94+9nFe
+6S8rcGp7vugvvErZjNvX9/wSqPnKyW/bC98yLjwuQOLACA9eNGJAeAMvDgElRIFYH3TQQbaMDjHd
+YostAkux8AaxgUggJHjR3P4nxZJtRIWQQjyxnxc24mVoC7fhiBXf+bFFqVQf4fAy1Edb69J++ojI
+way2yQWdkM59991nkxw29txzz3DllVdW6bezcNts4/2WSt4Pjnkf+B7nyLanX6q/Xp8+80FAAp2P
+81DnViCqeGDcxhJfxrPiwRsPnAhHuKdJaKNn5Cnzk2E8aR4eIjaELxBcBATx5YESy+YIfXDrjX3E
+CRFEbLHnnjLeKwnPPV4X+xAS7HF7T8zUV2BwLJlcjFx8ksfLbXt+wip4lrVpP30hXMNdRjnRLFUf
+4kkd3H0QHmJVCQ/qCFsQ8sCbdbH1JYqcF9rINnFn6oYnibzUTzgD759j5Iev20m2A1v08Zfob7Ju
+bf+6BCTQvy7/etfOxczFzcXLAzOEmoucWCYPovCeOc6Li5vkwkpZxMqXwHEMjxsbCAefiIh70ywN
+Q2AIc5CIayJaiA/eOsvdEH3Eijw8fCSejUfPigw8TdZS0xbs8OK2nnbRFiaXcl62VZh4o8/Uwy8T
+mUxINbWfvtBeytY10Ub6xkO8q666yvpFSIhQB31xcaV/cGVyIj93EOTjByk9o0kSIUaU4cWDQUIQ
+nBMe0LI0Mt42vlMvkyNtp7+s6mDJIon+MmmUO19p+ltXPsqfHQGt4siObaaWEQW8V2LJ/OgDwUQQ
+iTGzpIslaMSHuaARCOKoiAQXPaEMRBTB4iEWYoKnfcABB5gHTjlirwgHy75Y2sbf8sAWsWzW5/Id
+gdlkk01McPDGmRT4MQeisemmm5qA8Z22UScChXDwkJE6/MVEgfgRnkHkaGNNyfPUtv0sC6QNXq46
++6Xy0C7ajmCyNpmJgfbiJbuY0n/WfrOkER4cHxCtpEGwicfDmSV25GOlB2LNj3JghkBzTklujzqZ
+uGDNPiYDVtH4+WKFDndMpc5XXfpbHQsd+3UJaB30r8s/Ve1csFzkLpx4VHhs3H7jySGgPPUn5swF
+63Fp1uLy4wi8WsSE23ZEk9t/X3GA8CD4/JW8zTbbzOz4j1f4oQm2KI+wkI/bb7w8hOfAAw+0yQCB
+/+9//2ueJCKMmNMeJhaEDKGi3l133dVWntBmRIkJB9FCEGkbkwKeJuug6St9RswQfyaL2rafPns7
+Ebx4oi4mNZYQUh+TCm0mTOMTB3XiFbOUjfg9L+40OA+0mSWH7EM06R8s4cMdDn2lDmwfd9xx9kCW
+fax0eT5aigcH2kR9W221lYWTYEGdxLyZMDmfDdXfeN/1Pb8EFOLI77mpsWWICKEFhIcHgXjPeMLE
+SBFVxANvEEFDHPD68Lj5GxY9I28aAUBUiU8feuihJrisTiBEgm3KIZqsOGBlCJ4gYoEw33DDDSZW
+xLL5exP8Ao8y5EfcEbt7773XQhzUhfjzwJKQCMLKD0y22WYbEzfK8AAPb5FJhtAH4kXiO/Z4IYQu
+rLSdY3VtP7zcU00Cpv1eH/XAjHo8wRLvFcHlByxMhv6g1VfSwJwljtdff73xIZTBj1+4g6FPMPWQ
+DoLOckRWz3CMvuB58+MWYve8+PskTCr8TQ4mJ1jV5XxV11/vlz7zS0AedH7PTY0tQzDcq+Mhn/8i
+zQUIccHzJGaM14tgurCQhxcXPMf5k5qIEzYRQhKCznpdBB0h6RkJLWU4jpjwB5EQMsQJMSNxu42X
+x4RBexBkxAcvlNtzhJv4M4n2Icq0nfwIF/uoE0+StiHYeI6UYyKiP9RHveSta/spUyrRb154+NRH
+6IGftPNjHCYHnxi8v4glbSFMxHf6Rrydbergkx+4IPq0F2bYJ8yCAPM3OK699lr7lWT8fOFxUy93
+GfDgGJMXoSaEmv2wqO35KtffUgy0L38E7L+8yl+z1KK6EEA0EEyEECFGEPDuEEUEgguav/PQMxJY
+jwm7fRcc8vEQCoFCVBFc9+Z6Rb9UxHMmD4kyLsjEVPnO7TxChpggQNSPmOBxIkxeDzYJfeBlIq4I
+OoLs4QLaScjERRwR5KEafcEL98kjTfu9bPKTdlIfP77B0yWMw6RF2+OJbfYzuZCX/pOX+LQLIrbY
+T38QcNZP0ycEmoebhDQIgzhTt085bCD2cECkmSxoD3VyjPNbl/PltvW54BGQQC9456xki100/SJG
+GLmI3dvloubi5hY8meJlOY7QkxfR58XxUuUQE6+PMnh75Eeo+U4Z8sQT+Unk5zjtcg+VeshPWb6T
+2Ebo2GZ/qcQx8mC7Lu0vZcvr41ipPnsZr9MnDHjxSib6R95kf8mXFGcvSxvoC5MFbYBPPHndDdHf
+uF19zx8BCXT+zkmDtIiLnBeJC5pXbVJ9y7lQ1bauuuavTdvJU9/219Z+ffPVp7+1KZPX/taXk8pV
+JaCHhFV5LDRbtRXKZIfrW66U95i0Hd+ua/542eq+17f91dlsiGP16W9tyuS1vw3BTDai/wpNEERA
+BERABPJJQAKdz/OiVomACIiAPGiNAREQARHIKwF50Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
+oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
+rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
+CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
+BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
+0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
+4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
+BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
+oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
+rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
+CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
+BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
+0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
+4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
+BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
+M2qXCIhA4QnML9CNCs9EAERABEQgFwTmE+hGTZqGRk2a5KJxaoQIiIAIFJnAzwLdqFGYO2dOmPT2
+22HasO9CaPzzoSIDUt9FQARE4NciYCrcKBLj2VOmhhadFg1b33lzWOusk8P0Yd/Lk/61zorqFQER
+EIGIQIWbHAn0nOnTQ9OWrULXfsuETj17hJmjRwSEW0kEREAERODXITBPgeeGRo0ah7lz54RZ02eE
+WTNmBJ4Vzo3+KYmACIiACPw6BGIuMmIcyXLjRpFYR/Fo2tNA+oy9eGI7uS9+XN9FQAREQARCaFoV
+QuRJRzsQz6bRvybRao65c0ur9JzogWK5Y3Gb5CFvXJRnz55dZTueX99FQAREQAQqCFQKdIX/3CjM
+jgR1eiSgw8Os0HnC+DB3xkwTU4TWBZnPNm3ahGbNmlXuKwc0Lsyep7Fi247iV/nknHAOajvJ/iqN
+VKUiIAI/e9BR0CHMimLQbZs2C01btwnrbbhRaNFlsRBdxYbJxZkNLu5Ro0aFcePGhaZNm5YUabzv
+sWPHhrXWWiuss8464d133w1PPvlk6Nu3b9hhhx2s7F133RU6duxoQqFz8csR4A5mwoQJoWXLlqF5
+8+Ylz98v1xrVJAIiUI5ApQfdJBLdSbNmhh5t24UO3VuFjrvvHpq2amlroxFn94T5jii/8cYb4dFH
+Hw3dunULHrKgErwyEvmnRytDWrWKbEUi3Lp1axP1/v37h0UXXdREYerUqZY3+UZZUrxett023709
+yf1se4rnwRav2qSGKBdva7JOv4Oork3VtYFjpDifZH2l6qAc+bj76dOnj02So0ePrjaUlWy7tkVA
+BH45ApUCPSfynttE3vP3kyeFYSNHhfeffyGENq1C3+hC7t69e/joo4/CTz/9ZGENLvTvv/8+dOrU
+yYQSgZ4RrfzAa27RooUJB+Lht9GzZs0yYcBbI5Gfl4tIsruICC9CKHxOmzbNsuDxuXDNnDnTJgAm
+i3idbou2UNYnAfKwj3qrS+ShvUwu1FWbcuSjLzCgXXynrSTa4Mnz0R/aAQ/6mGyTt9P7nWwDNnlR
+lrZSL3mcDfVTlmPs9zrYjyAjzltvvXX48MMPA3cxnN9kG7zN+hQBEfj1CFSu4pgTCWqzaKnd2Jkz
+wtfjx4bHHrw/3H7bbWFMFKYgffPNN+H2228Pr7zySnjqqafCjz/+aBf/8OHDTZAXX3xx88wQcRcp
+91gRDpJv89338T2ZEBLEixDJxIkTQ+fOnW0ymDRpkgkP4RUEZYkllgjt2rULY8aMsTqx6RMDt/Dj
+x4+3ckwklGUb2+US5Wk/gte1a1crO2XKlGrLUQaxHDlypNmmXPv27U0IKUt93ia4wAsPlnzsp754
+Ij/9pr30m9fkyZNtn7edT/gQYqLuxRZbzOqhLYiy1wEfktfBcV6U9xcTnJIIiEA+CVRenUgo656b
+Rhdwy+ii7d5q0TClR5fQbN4FjEe4zDLLWHjCPTjEc6uttgorrLCCeYyI5g8//BCee+4581zxBOuS
+yI/QbbfddqF3797hiy++MG+vQ4cOZmbEiBHh6aeftpj2yiuvXFnnd999Z3UiiHiMCNeyyy4b1ltv
+veBlEezXX389fPrppybq9CGZyLPZZpuFFVdc0UIzHKePb731lnmbTAbxci7O9HunnXYyPggneRDF
+l156KdA2BJu2tW3bNmy//fYWFqKveLmff/55eP75560+RJNJhLj9aqutZu30NhDDx+OlDMzxgr/6
+6qvQr18/Cx/B5c033wxLLbWU8SP0RB3cCQwaNCg888wzJuRHHHGEtQch53yefPLJNum+//77xkqe
+dHJUaFsEfj0ClQJd0YSK9c94drOmToq80opYMccQHTxLLmCO48UiNmuuuaZ505999pnFmrnoEcl7
+773XyiBitU3kpQ7i1niFfOKp473jDS699NJht912M+FBrPGc2UdcGyG6//77rX2I1jbbbGP1I8gk
+BHvLLbe0iWPYsGHmxbrYImT0h4eXa6yxhnmgCCf9oNymm25qD9W+/fZbE0Mvh6BSbueddzZBRYzJ
+Q4ydNsAHDogudey4446BO40vv/zSPOJevXqFtdde29rMpIY3izAzSSDon3zyibGmf7QBD5w+Es+H
+DxMGkxFhC/IzidKHeB09e/a0Omjziy++aO3DKyesQbvgyCREX71ftT1fyicCIpAtgYRA11wZQoOn
+iQeHF0ss+uyzz7ZbbsT12GOPNZHBCyUkUheBpnZEzycBPMbrrrvObvOJox533HEm1AjNjTfeaJ7g
+kksuGY466ijzHPFQEZv111/f7Nx6663htddes04hznvuuacJMN4ieUm0j/oQPR5m0h9sf/3113Z8
+jz32CNtuu60J7gcffGDlyE878UIRSYQWoTznnHOsDG/HHHOMeeII4R133BGOPPLIQFsJEd1www0m
+2Issskg49dRTw0orrRTee+89azveM0J855132j4mno022ijsv//+5ln7JMQkiWf8r3/9ywSZc0Jb
+8aDx3OkDfWOSo12cD+q49tprbeJAuOnrNddcE1ZZZRUTaGwqiYAI5IdAnQWaix4xQDQQTW6zCXHg
+tRE7xYtEuNmuT3Lx45NwB54oHh+CiZfILT7fERxEllACDwIRWAQG4SE/oRY8ywEDBpgA8x2PEe8W
+IUZcEVnK8ELIHnjggYB3zV0A3i4eJfFi2kLowicb/6Q8Akq7iCkffPDBFrIgBowtJhjq6dGjh3ms
+5MN7JvSCt0s+7hCWX355azNiT0hmyJAh1sdVV13V2kAfCc/QBtpP/bRt6NChJvp40/SBycDrWHfd
+da3tiDD1cCfABEFeuJEfe4SS/GFjfc6XyoiACGRHoE4CjTBwYSNMiAnf8fh4kdgmDxc8glffFLeD
+wOFRuijySSiA/XjsbPsx8vkSPiYIPG4/hk3ahIdN2xF17gbYT3+whWARo0XoKOft8O/k9+Tl6Cvi
+ufHGG5vnToiEiQChx3vHLqJIPsIIv/nNbyptY4u+UL//8IfvPBQkL33kxeTz8ssvW17a6InvtIk6
+mHTY5rXXXntV6Xe8DsTeQxn0AQ58KomACOSPQJ0E2i/k+CfeHhc5whJPCAG38J43fqy2372sC6SX
+K7ef4xyjLXjfeI8II4LkQo2HiUfs4kwZjiGKeM2Ebohb452ykgKh33DDDS0P5eIJuwgpP8AZPHiw
+xeOJlXfp0sUeZCL0Dz/8cCUfOBHbjrOivbyIBeP5k7yt8e/kcWG1TNFbfJ/3sVwdHCdeTn8o5yle
+l+/TpwiIQD4I1EmgaTIXNBc4nigix0Mx1tIShyX8gDDj9XHr7N5s1l11wUGMCbOwTVuIrxKTdQHm
+GOJICMb7wTaiRj4Elf78/e9/t7ANq0jwjEslyuOxE5LYd999LaTyyCOPWJ8JexAPXn311a0u4uh4
+uYQ1HnvsMRN/wh60EWEm9YxCMxyHHR4+EwZ8qYeQEg9jmQyoI57oK/kI4Xgd5OHBarIO+o2n7rz4
+hBl1KImACOSPQFW3d772VYixX9BcyHhiLBvDY0SI+Bk3KxEQB8QFQePBF3FVxJoy8fJUwbbvS1bp
+YhE/Xu57vCx5CGEQn8Z7ZsLgVh8RRITxTo8//vhw0EEH2eQS92Kx4+1EJPk5OitE8KYJWSCA7nV7
+neRHoBFNHkqyysKX9BFXRlRpE2VJQyOPnNgvDyqJBXv5Aw44IJx44okWoqDteLmsTCFsxEM9Hkwi
+tKzsoF0IMQnb/qIvtI+7GeogjIIN6uAcHXjggVYHYsw5InGMcoRiOHdsK4mACOSLQDUedIUYE78k
+rsnFjDgjCsREEYN33nnHBJoVBoQTuMjxREksEUMcECiPlbJNQiiwi71kciEkD3VSH3bZTxn3+NhP
+4pP9vMhHXcRrWXmx+eab2xI8whrEgYnTsp4YkXJBog0IO+1HrHiY9tvf/rbygSICTF4mJa+PT8rh
+jcKBJYY8tGQFC5MD9liHjJjCgYeor776qj1IxD6xcY5RnnwIOvboG6s8WAfO0j08cPqHZ4+XT79I
+zsDcj1kAAEAASURBVAG2HKcsExAxb0IYyy23nLUFsY/XwYTCuaNuJi6W75111ln2K1HCOog7tpRE
+QATyQaBJdEEP5H9OmTN1WmjRuWPos+kmYdr4CWHwXXeHZksuHjp37GSCgHfHwy9EhIsYESIEgPgR
+ayacwcWPKPBLQ26x2YewIRKIHyEGbt+J0eKhIm4IoCeEENscR4SoE08U0WU/8V0+WQnh4s82HimC
+42uXESAEl/YgytSJl8jDPEQOT5dy8UR9eLnURX9oM21EWOkr/aRP7hF7WfLDAaGkLvpMn/wHOwg2
+7aA+8lGePLSBOtn3+OOP2wREPlZccOdBm/kFJO0gDPLss8/aChnKIcaUZQUNoab4pAUD6iBfvI4n
+nnjC2kBf4MPkR3vZhhX1cvdAP5REQATyQaBRtJRrbqOmTaL/4ioSz/59w1bnnhXGfvNteGyPfUP7
+6DZ7avSgjIdlfrHHL2Auctb/Io6ICV4uAu0XPnnx2hB2RM+FljJ89+VecRSINPaSdbKfuCzHEDi2
+SXwi4gggdZBoFx4nAkte6kKUEDK2432wAtEbdmg/+RBHRI7vtJE+VNde7NFvF0YmDyYjmCB62KVN
+tBHxRcCZuOgjfWJCoizH+WQfjPyhIbZpNwJOXaX40A/6UFMdlHdm9InvtA02pbg4H32KgAj88gQS
+Ar1M2OrcP5lAPx4JdNu11gxhVsUf1+fCL5UQFC5sDxvg2bHt+REAXuxzAUAQ4ttJu17Gbfjxuuyn
+DvLTLuqiXWwjluUSxynnZRAtkrfV21+qPPaxTVlsJDlQBvvw8nx893Jx2952JgaSi6fzwA4v37ZM
+895qWwd1ez+pT0kERCB/BCpi0NzVRhd8pESVf17Um+ri5NvJTxc8LniSb3u+UuVLCYvn57NUmbru
+9zpcfHw7Xk/yO/XSfi+T7Esyf3wbsSMhuKRSZbFPPkTU83k5KzTvzdtaF6ZevrZ1xPtJGSUREIH8
+EahQE7R5TnSRRv8fYbPo9rtpdOtrmh0iz7eWbc7rRV6fdtWnjGOqTdna5MFebfN53fHP2pStTZ64
+TX0XARH4ZQlUCHQkzo1bNA+zoweFIz7/MkwYPiI06xz9OcwyYY1ftomqTQREQASKScBi0NZ1vOjZ
+0R/H/+jL0KRr9LPhJbrgwhWTinotAiIgAjkgUOFB05BIi1lu13qNFUyY51bzMC0H7VYTREAERGCh
+J/CzQM/r6tx5D7sW+p6rgyIgAiKQcwJaX5XzE6TmiYAIFJeABLq45149FwERyDkBCXTOT5CaJwIi
+UFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUlIIEu7rlX
+z0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwERCDnBCTQ
+OT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMTpOaJgAgU
+l4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlIoIt77tVz
+ERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwERyDkBCXTO
+T5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUl
+IIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwE
+RCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMT
+pOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlI
+oIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwER
+yDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASp
+eSIgAsUlIIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo
+4p579VwERCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARy
+TkACnfMTpOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqe
+CIhAcQlIoIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq4
+5149FwERyDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwT
+kEDn/ASpeSIgAsUl0LRk1xs1inbPnXeI76Tktu/z477Np+9Llmnoba/T66vvdnVtLmWTfWkTLOLt
+TmuvPuWTbUhu18dmskzSZkNvJ+vTtggsqASia4PLI5bmE+jGTZrEDuurCIiACIjAL0VgzuzZVar6
+WaAjr3nOrNlh5Pvvh1lRFny7pK9TpaQ2REAEREAEGoQAWosYd15p5dC4aeQkz61wpU2gGzVuHKZP
+mhw691g67H3qTaFFy5Zhtil5o2DRjnlyTZmG26ZfFY34+VZ/rrUr6zqoOV5n3bbJPTfiUBGeqOBY
+0Y+I1s89ikUvfs4zj2eUPeqptcHMJLepwQo5/3LbnA9vx7w2VG6XbufP+SuOw4Ei5ds4r47KNtZy
+u7IP1ON1VLSx/La3qaKOn9tUdTuyRsaKxFfMxnbNO6IPEcg3gXnjlmu9ceMmYca0aeHxm24Oo4YN
+Cy3atg1z58wx0bZOcJHOnjM3TJ4xI8yIBJuDFWpsV2ZFR+0iiN4qrpx5F0V8mwzJ/BW7KiqpMGPv
+NI5kglJdmVrarLRXYdYu2nlfYwpUsednRZq3HX14efbMq7Li4LxtNjxPyTbHOczL63b49FTFRrSz
+LEsKJGzWZduKz2tAlTqjjcrtlHVYv2J1JLfnmZ+/H9GBWrfBjFYUoEySPXUoicACTgAneebMGWHO
+3DnREPcxHw33VVddteJSQSiiTHPatY0+owx2Mczrdfy7g0ju+zW2aYv3hfpJvs33hmhT3GayjuQ2
+eT35MbaTbYrv83y1zeP53UZym/2+z23WddttePn6blPObTRkG9wW9pVEYGEgwHUSOciNJ06KPt05
+rgh7VHRvnlfZZOy4ny/whaHj6oMIiIAILAgEIpGeyyKNmAf980PCeR2Y2zTahZrjpfhnuc4ljye3
+y5X7pfcn25Xcrqk9yfzJ7ZrKlzuetJPcTpZLHk9u1zV/snxyO2lP2yIgAtkQ8GvPQ57zaplPoC0m
+6reQ/lmuScnjye1y5X7p/cl2Jbdrak8yf3K7pvLljiftJLeT5ZLHk9t1zZ8sn9xO2tO2CIhANgTK
+XHv6JWE2uGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
+ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
+E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
+IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
+CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
+REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
+p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
+IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
+XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
+UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
+AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
+AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
+BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
+QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
+AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
+NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
+BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
+KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
+DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
+VQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFIT
+kECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMi
+IAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJ
+dDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQRE
+QARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECn
+RigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIi
+kA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
+ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
+E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
+IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
+CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
+REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
+p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
+IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
+XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
+UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
+AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
+AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
+BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
+QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
+AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
+NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
+BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
+KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
+DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
+VQREQARSE5BAp0YoAyIgAiKQDYGm9TXbqHGk7Y0aVRSfOzfMnTOnvqZUTgR+dQKNo/HcaN54nhuN
+5zkaz7/6OVEDQqi9QEeDtlHTpqFRkyYmxrOnTQ9zpk41ho1btQpNWrYIiPbc2bPD3FmzfhZvURaB
+HBJAhJtG47lJNJ5nR2N2xowZYeq88dwqGs/NmzevPDYrGs8u3jnsipq0EBOonUBHnkXjFs3DzAkT
+w7TPPovEeJHQevk+ocVSSxia6T+NClM++jLMnj4+tFxuudCsfbswZ8bMEKKLQEkE8kYAsUWAJ06c
+GD7//POwyCKLhF69eoUllqgYz6NGjQpff/11GD9+fOjfv39o165dmDlzZjScNZ7zdi4X9vY0WnXV
+VcuPOrzmyMMglDHpnXdCh/XXDz022zh06d8vtOncKTRv28b4zJg0OUweNTqM/PyLMOzZF8O4V18N
+bddYwwQaj7oyFLKw01T/ck0AgcVjRqDficbz+tF43mijjcIyyywTOnbsGNq0qRjPkydPDmPGjAlf
+fPFFePnll8Or0XheIxrPlMfbljed69O8UDWuvEAjztEt4Jzo9m7Gtz+GFY46JPTZdKPQrmsXG6Az
+oxDHbLzkKDVp3iw0a9kyGsBzwsQRI8NXz78UPrn6xtB86SVC48iGQh4L1ZhZIDvjIQ084REjRoSD
+DjoobLjhhmGxxRYLxJ+nTZtmXjKda9asWWgZjWfi0D/99JOJ9E033RQWX3xxC4so5LFADoEFstFl
+BZp48pzIW5g1cnRY9+xTQo9117aBPGbosPD9Bx+FMYO/DtOiW0BSy+gWsWPf3mGpVVYKHXv2sIE9
+7PU3w+vnXhyadukUGs+LW9eFEBfUwuap0CcufD6nT59eq/6Rl/RLs6hPW+tyfn/pvIgw3i+e8R//
++Mew5ppr2nj+9ttvw0cffRSGDBkSxo4da+cGb7p3795hxRVXDEsvvbSN57feeitccskl5mnjhdf1
+ISI8aQPJz2kWDLD9S48V+kGdjG1i+ZrAGu7MlhboCDYCPW3IN2H9888KvTdcP0yL4nVfPPVs+PTG
+W8OMb4aHxot3DHPGTIxaEg28ju3DnB9Hh+Y9lgjLH7Jf6LflZqFlFLf7+uVXw6tnnBda9u5escpj
+ntgkm9+iRfSAMarTEwOZ15QpUxaqW0r69O6774b27dvbbXV8IHNhceETG/UEE/Yh5gz8OCPPk9Wn
+t5X4a79+/Rboiw5u9Oe7774Lp59+elh33XUDYYznnnsu3HHHHWHw4MEWf+bhIImHhT/++GPo27dv
+2HvvvcOAAQNC27Ztw+uvvx4uvPDC0K1bNxPockLLeGYywFunbvJhm09s05a0CVt4+ry8Hdjl9Utf
+N/SRvn788cc2rhkzCgWlPcMV5ZtEt20Dq5iKTjwPBCe99XZY6cTfh/5bbR5mRIP5/TvuDu9ddElo
+3bdPmD1rpq3a6LDGyqF1r25h5tjIk27RLDRfokv46rY7wpwolte5X9/QsVfPMLdN6/DtnXeHlj0i
+kS6zuoN4IBePv/Bqvvnmm9C1a1e7pcRbcXHywejb8bZXd4x8pY6zL26rpu1ydnw/tpL1uE1E4YAD
+DrAHT59++mlo3bq15eU4QjxhwoTw4YcfVnKABxyw2aFDhyqDPlkH9XvyY2zH+5Y8XuqY55k0aVI4
+8MADw3LRQ18uPG+rH19QPmHBpPf222+HY489Nmy22WYmYPfff795xD169Ai8EBU8QISUh4Z4zqzy
+uOuuu+wYYk0+8txzzz2he/fuZSctxvMPP/xgNpiEiW0j7t9//71NBM7dz5Nvw5R98e1S+8hD295/
+/30bH8nrpkuXLjaesrxu/PzTVsJDnTt3Dvvtt5+1n376naLn02f9CMw3lRN3njl+Yuiwwfqhz4CN
+zJP+4slnwsdXXBU6rr9emPH98LD8ofuFzS85Pww47aQw4NST7Dv7OEYe8lIGLxwb2MImtj0hSO5B
+PvHEE+GTTz4xIeATL/OGG24II0eONE+HwcigxFtgsCMWeAo+wLHJQOHi4njcC/X62Mcx8pCXsrSB
+gURim/1Jb55tr598lPE28N2Tl2Uf7aOc22Sbi56HTr///e/D4YcfbqsEfBCTl35vtdVWgVtpvvNC
+rB9//HHz+PDy6IO3G5u0AybJhL14X+PH45zoVzz5McTqyy+/DH/4wx+srdz+O6d4/gXhO31ktQYP
+BIk5M26ef/758M9//jOst956ds4RGO5Q8Prc82UfPMhDXrxtymIDW9iM8+MY4xk7zz77bLj22mtt
+UiDG/dprr4W//e1v4YMPPjB7n0UroThHPl7dC6Y+OGPLE9/ZxzFPbDMJXHnllXbNMIHGrxsmV+66
+GIuMl/peNz7WfLzTFvaR+GSbcc2qF1a7nHnmmTYBMnbom+f1duuz7gSqXqFReVZtTBv0WVj2rNPt
+geDoIUPDp/+5LXSIYnbThn0X1jr9hNB7g/VCdHYqf5zSssMioVMUe263xOLhrb9eZnkps+Rqq4RO
+vXpGKz82CR+cd2Fot/batk6aZjLgGNDM8uuss44NbAYdgw+BwHtbfvnlTZyIFzJIhg2L4t/R7Exa
+eeWVbZAzEF248FJIDBo8Py4yEja5OHydK/YYtDwswt5KK61k7aEtgwYNMk+Ji482MtgQQ7wSLqpx
+48bZxYFd2ke4gnq4xaNsnz59Ko+vtdZaZoML1BN2Xdj9oqMt9AOvjba999579nCKdiMG9BUeQ4cO
+tQdVeNqwInG7zYu+YY8ylMceCXskhANO5HFOeIQsLeOWmHbxSrY1LhZmaAF7gzVL6U4++WQ7h4yh
+22+/Pay22mrGKO5lxrsGJ47BkbyEQhgnMGPlx8UXXxw4vwg6CU6MZ14whyXpmWeeCaeeemo48cQT
+wxtvvBH++9//hlVWWcXEi20S3vhSSy1lMXDO3QorrFDpZDC2cFh8H21ivJAYF4xzJgTay10WDz+x
+t8UWW9h1xXioz3VDPYz7+HiPVnxZu2gTAsy4YbIjIcb0eUEfL9aZHL3NJ9Bz58wOTVq0D4v172cn
+/YcPPrSY86wpU8Pyhx9g4jwnOhlzows+ylDRlWhQIuwI98SDR4RPr785zBk5LlC2c+9etiwPm8lf
+GzKoEA4GNbeg22+/fSUavJZjjjkm/PnPfw7nnHOO7d9hhx3CCSecEPAQbrnlFosTIojDhw838Trt
+tNMsLPLmm2/aRbj66qtbOQQJgWMbQcabQfC32WYbG8h4rQwwBHiXXXaxmCQeEoN0xx13tIsU8cUO
+Nv7617/ahclFyz6WYGFv3333NYE744wzbA3tfffdZ23EE+XCpk9c8O5ZJD+pj8H/r3/9K1xzzTXW
+9kMPPTRcf/31YZ999jFvlvLwGjhwoE1kXCAPP/ywiQWTBO3hIkVUuPX9v//7P7tgl1xySRP9r776
+KsAJz+7JJ58M//vf/ypjsgiBtxXvzEW+8qQsgF8QUCZs4uiMN7xNGOAUwJp91SXKI3LcwVC2Z8+e
+ZstDTvGy2EKgsOvCfdRRR4Vzzz3XHAQmW0SOCRYv2s/DU089FbiLZDxuuummVg/CyPjAMRgQxcAJ
+iXFH6c4I9TJeGPtbbrllZTMeeuihsPXWW4ftttvO7BAiS143lOEhKA4Kd0fJ64Y2Is4+ti+66CJz
+ABi/THiU5XpgDJ1//vl2N0HMnnGp1LAEqgg0IQl+Idh6hb6hTaeOYWY00MYMHhIaL9EpNIlmx26r
+r1bhOUeiSt7KFA1MW+/cvHnotsZq4Yvb7g6zojKUxQa2sDkr+t4kyhMXagY0A5sBQdp1113NY0D8
+CAUQ+yOxzGmnnXYyccbDJpaLWOOFMGDuvfdee0CBsFJu5513tgc8lL3ttttskHIMj5dYGYOQi/SI
+I44Ip5xySvj3v/9tn0wGfD/++OPD5ptvHhicL774Ythrr73sFu64446r9BIQz0svvdS8KS7E8847
+zy4+vKEXXnjBBBkPaoMNNrD9tB+PlaVbJA+38EmCAy8Xbva5R8LFSNp9993NG6MMInDYYYeZmHOR
+UZaJi74jAt7X3/3udybWLBMjftor+lEGIkL7mQh4cIb38/TTT9stPD/QSLbVKl/A3mCHA9AzEtVF
+F13U+swPUDgH8IRXTYk85KUMYgY3VnnAENt4s35usMV3RIx8JCZznqkwsTNpcpyxjqccPw//+Mc/
+TKTJ/9hjj9mETHnG9SabbBL2339/cyA4p+6d+7VDPk/UzfihHsSZUCHXFE5N/LrBiaF+xgPrwEtd
+N6x2Oemkk2wMMjFw3XAngEOAI8PYZwJhMqG/tCvOwtukz/oTiKlsZITBOHVaaNGls/0IZXY0AKeN
+Gx+t1ogu9uWWMaE1cS01sKN9HGsTDd52yy5jZSjLWml+0NJisc5mmzqiEVTZYj+hPqB5eMMtGQ90
+GBTcyuN5IDqvvPKKhQF+85vfmKeMiOIFMJBYEkV8F3Fk8JEfT2K33XYLe+65pw1+jjGouF1k4J51
+1ll2gW288cbWHurh4uHWlTQg8lzwlKiXRD0s09p2220rRZDbVxIPADt16mQDlH3cUl9xxRUWk2OC
+oE486rgHhHhjG2EkcWFx0TH5kJf4M6sG6A9eP+mQQw6xOvDaEQ3CHggtibsE2DzyyCPG4fLLLzcu
+TB4w/fvf/26ePBMYYo0XxzESt+xMSEyMxBMRBtq6ICfElXHFAyzucLjDYCkdk5uPu9r0j7yU4dxj
+gzGCTQ8r+YTKJ3dh5MfrZjJgH04GIshYItR22WWXhZ7RpBE/D0yi/CCGux4mdE+MRR444mEj6kz8
+jBsSHit3Bw888IC9GEuEX5ikyY9TgTj7dcM2D965bvCiEd9S1w1lmNAYx9xxUsb3/elPf7K6zz77
+bGOADa41QoGMF3nRhqfB3qp40A1itWanpEo1DHwGPQ9jGLx4JOwjrspARFS4hWPG5oLAw8UbwMvj
+IiFxK47nsHYU4+Y2FKE58sgjK70GBg3izK0eA4tbN275KYd3QxyPtOyyy9rDFuomMXipB6Hl9o6l
+Vgimx3/xdghHXHDBBXYR0A+EFWEk4flgHwFF9PDU99hjD+sjbf/Pf/5jXgdCwndiegg0ng0CSp8Q
+A9qPt4Yoc4HwQAg7eCyjR4+2uLcvHcOrpv3wIi93GLSbOwZilmzjwTMJ8OALZtwVMDkhDgcffLC1
+lYuTiW1BF2k7Eb/QG+cRXowrJnc+OW+EjRgTTBKcJ84F54GQBZ6xnwfuCPFOET3CZZxLPFQmeMJ9
+OBuMBcY/55/vXCuMUxLfGT/sJ+HZMg5ox8AoJIaXHL9uaJtfN4wprpujjz7aHlTjvCDShLpoI2OD
+PDgaxNiZcAjNeCju6quvtvGu8WLoG+ytqkDjwbVqGaaPHBX4+TY/5+YBYONF24cJg74MkyMPgu1o
+BJi3XaUVUVnCHpNHjwkTBw22tdHk5VeG00ZNCPy9Dv6oknnP0UD2hLfBwGbw4OUhSAwoBIv4Mx4E
+A4EQBzFqBhhCxsD1B4YIH7dvDGrWreJVM2Dc88UG3iWeBZ4ut5CENkgMOkIdiBTeCGEKhI0BTdwY
+D5XEAzzqJdbG7Srt5jtt5aGMe8FcJJ64HeUiISGaPKzy20Ds8fIBzW0zHLgo//KXv1j7KYdgMglw
+C0zYgYv3qquusgsLcWaiYWKAB7erXDyUgR8XMuzwuvHWqBuBYBKhLl7uEeLdlWqre4e0ZUFLtB1P
+Fk5+h4PoMNFztwPrmhI2ED3KcI5wIBirrFzgXHMcjp4YI+SBJcKGt8w45hkL45FxlzwP2Oc8ENMl
+VIU3zd0fY4sX+/iRDOOMNvt5Yuww1j0MSBvuvPNOC3sRs8axuPnmmy0eTZnkdcMknLxurrvuOhNj
+HBrEm7tS+sd459pkUmFS5xh1kxBrd2psh94ajECVEAchCv4q3ZRPvzKh5efbHfv0CnOGjw6zp0wL
+373zXhRkiwZkk4oVHAxOeyGy0b7oLFoeHihShrLYQLSnfDLYbMfjz/SCAciA5ddcCBBPnxFiBjW3
+azzAQ4AR3kcffdQe2vE0Pb70C1HiYR5eBTM6Awqh5ZYOQWLJE+EAvF/qQcB4mk4ifED9xNe4hUX8
+EF7CGFzMrDUlcVFy4WEb4SMvt7PsI96LDRI8PHF7TR4SA5rEhUgZbld5mo/3zgsPHQ+L8ggBiQdG
+/4mElltc4uwkBJpJCh54xIQzsIcAwYuJCe+bhzdMPkxMMMHrRwiYnIhjwwfPDm7E2akXO6R4W+Pi
+YwcXoDdEBRFjrBDaQKzhyPmFRfxcVdct8lKGOxtscO6xiW3qiCcEFH4IMuMVcSUfY5DEWIEp54Hx
+ymTMeWDce+iC0BNOA3eVLM0kUZ4HnYwV9pOww4tJmrs1ko9r+sm5Z5wwRrh7TF433JElr5uBkWNC
+rJwxjofNHSshEa5HHj4zcSDMsPOxzdhHuGvL0xqqt1oRqCLQlGjUOPrzi9PGh5+iP3wE8CVXXTn6
+mxpdQ8vuS4ZBN90ehrz6WmjcqEloGg06fsLNiwd/jaNyQ159PQz6z+1R3qVCs25drSw2sDV7ejQw
+o4GeTAww8jDwSYQziMEhrJ6YnREPPBA8AzxlBBexI/GQiyfzeLGsoOC2DO+VgYvQIrJ4JQgRT8oR
+W/c6iN+xzQWBaJKoh8HLAORCIhEP5sLjYuKi4QEMt4MkPFe8Hy7W+CAlZMOFgtfEigkmIPIx8EkD
+BgywevkkeXnElsStL7eaePJ+oeLpEjZ56aWXLA+3yyQubmKBTEDElYlZczHhOXFh0jdEBu/n+Wjl
+B7F4RIaJiYSAsyKGPtFWJkna6owt0wL4xjmDATFSzg3hAPrpt/c1dYny5KUMZbGBLWxyLJlc+Pkk
+EcvH+yU0wDjBw+U8MN78PHCXxl2OT/LEjxk3eKassiERB6YMLx8v7GfMMIETmyZxJ0i7eLBNe7HJ
+eEb0a7puPIzHuKHd9GGz6Ic9iD53cLSJ8cExYtgcI2EbZ4JreEEfL9ahHL1VjKJYg1iN0XLZ5cLQ
+514ME6NZkb+tsVz08+1xb0drlHt0C29eeGn44N77w6ivh4TpkbDxGh19/+Ce+8Obf700tOzZLcr7
+dvRjlv2tLDawhU1b6RGvKxrsJDwMH5x4ncze3FLywmvgwSGiRByPMAGxX7xNQhIkBjFiQh48F2LC
+LANiyRHCyuyOR8kxwiJMCtgkxIDwUY6EIJIefPBBu5XEU8IGg4/wCBcYng6TBIOSC4V9rENFOOmH
+e6FcSDx4I2xDu4mNc7vLLaVfvFz43EH4oKZdDHImHMSTskw41IVnT0KYmXR4AEUeLhomkoMPPjhw
+e0pfmYi486Cv1EV/SExcMCMPx5mc8LrxmFgKBgfEhLZyQcbbagYWwDc8Wp4twI3YO2ECliwyYcEN
+PvFJ1bvIPo6Rh7yUoSw2ED9sJkMklOEVHwc4BEyynAPuXPCYuXthvOCJch4Yi3jA3Bkh5ITzCMtw
+HXBOmWAJT3jIw2PM1OWrSxB5hJqxypgljIXDgiPB+GOcJ68bJoLkdcNYY7LHMaFdeN6Uxdng+Q3X
+I4mH7ITVEGrGCw8RGb8+/vmulJ7A/D/1jmbkpm1bhwmvvR6aRwOy63L9w6Ldlw6zo59sfxMJc5v+
+/cKPz71sovvjoM/D0JdfC4NuuyeMfOOd0KLbEmHsG2+GFY47Oqy48472l+wGPf5kGHbL7aFVn97R
+2unI45134vwCQJgZ0KzB5UVYgWOcYC4AhBixRVzxivEYmMHx8rhY8Eb44QHrVHnwxkXFjy1YRcFA
+ZtCzbI7bfmwhejx4RPAY+HhC1MUA5wENXjdCxT48DzxL2sR+BA4xZVBzq8rFQ8iBi4q6EFzqpk3E
+OBFIJg++49Vwq/l85L0irvSVi9S9ZhiQhwuRQc+LBzPcJvNwiNSzZ08TTtqDkGMDr4e24NVhmwnD
++0qfmBTIwy/gWKFB2IMQCtwJ73BnwYVP+7kosU07qBd7tBUGCPv/t3cmQFpVVx4/LCoNNPvWbAJK
+WAV0ABHBIEhSkSRGxolJWRqFEU3QWJNK1DhxRK24JGPKiktM1SRWxZpEJ7FcaibgFmM0ImFYHIMR
+BG3WZmm62UEBM/d3Pk77+vFtvdB83/vO7fr6vXe3d+//nvd/5567PNql2Bz4YjtlYJgXMoO19MgY
+OIWAwMqImjZHfsAGokH+IFAG6Hgp4o/cgSMvRmSBNLh08my4IZcM9JndmxcoRAjW1g7YelEIiMsK
+UsYMkFV6OpAibWSOOlE26gWRQ/TICzKArCOT9JS4B+XnuSF+Ps8N5kSeK0wp3BuZRl5QnFj2Trkw
+sVAf7PCEYT6CsOnFQuTILfgWo7wYxoVyzL5ZUuXG1GZJYQHKoUACq19KbZZ0ePN2adO7mxytZbOk
+YLPsGjZH2VYjp/bvJSOuvkKGsVlSEIoP/rw4tVnS4AGpuc9pHnAE3EwL2JKjQk/eNDLkhfAiAHFH
+Fx+yIgzBMgdp4k/+CDddf3MILAIIGfJwIlAIOJok94OgeLhIS5kQUs6Jy+h71KEpU2a0fR4ISIDu
+KGmIjxaEf9xF62r35GWSro6UizJBohAIxGwO4iQdhMGLgzpF68qDAhb484KirvzMsRoSnMgX00qu
+slq6YjrSdtSPF6ZtloRZixcQL3cw5wVsA7y0JdooZg1suGil9CYgeXpnELy9WOM4cK+oPCMHkDD+
+yBSOlyUvPu5hDnmE7FAKFgQ7MAoGYyZo3BAiZTKHvJCn5Wf+dkQmkXniQJ7pZMqeGxQbiNYcsgIO
+yDRyEZd3k1vCIH9wiDoGF838SJ3dNQ2B9AQd8sRezF7QR6prdbvRQeeGZcvBb2fYbnTLyv+TnWvr
+bzfa/cwhanNmyTcDgZVLlspbd4ftRrt3Te0JHWvIaLHRBCAfhCpdoxpJQ9SEow3gxzmCyzlkSDjn
+ON745IlDUBEoHGkQPsI5t7zRmCAxcwgp94mXCX/IEke43R8CoB52X8ubfCkb18THIdR2f/UI/ygH
++ZI/cc1ZXNLiz32MUElDXagf+REnV12z4ZRvWa1sxXQEN+SBHhMaJkSDHyYAuugQJkoADqLkhYcN
+F7MGbUAPDvMPvR4wjhNTFIu4PNNOJh8me7ShySvtipyhMaPlQuCYUTB7oAmThjyijmtry6g/dUQW
+cMThHg15bigH9zMZNHknL34m75xTB2QGRxrkl/SUwdJroP9rNAIZCTq0RmrD/gD8YTZI+uYcYeOj
+8mB3gj8OhwUtR0IYrm1opFPC9LyQRO3WumH/o78MGnUfaR3CMu1i1+hSe0JHoIEIQCgQK0SCSeDq
+YLOHCOl1QCaQGtouDkKD/HD0yrBfYxemZwQhnQgCogy8IHh5cI8FQYvG3AEJnoj7aeX8X8EjkJmg
+KTokHd6KMLJ+8mrK+TLowgt0n44OPbrJqaHLjGM70v3VNTpbgwHBXW/82T95pcj4v0JCAJJGy4MM
+MQ8wWwiSxsaL1owJCIepB7JkcAxybqlPXlE2M1tg1qKc1nMqJBy9LC2HQHaCtnIEQWkdFpywZSg7
+3dV9NLbXsZV828NHY8PcaabntRsePhrb2T8aa9D5sfAQgPjQUrFDRz8ai8aKwyZbGQZYMYcwqIj9
+OZ2ZoblrxguElwTmEF4SXLsrbQTyI2gwQpsOXUQ0ana8Y1Ml9u3AsfqQBS6tWoewYAd1k4bC4v8K
+GAEzeaC1oqVi3rCBOOyumDksrCVNDEbKvETcOQJt84YgCIySbxBmHItT2hyz00Hefz8SiFmOLZ11
+4cobVo94chAw8wHkjEOjhpRxkCT+FtaSZNmS99LK+r+CRiB/go5VI75kOxbsl45AUSGQbVZGUVXE
+C5soBI5bSZio2nllHAFHwBEoYgScoIu48bzojoAjkGwEnKCT3b5eO0fAEShiBJygi7jxvOiOgCOQ
+bAScoJPdvl47R8ARKGIEnKCLuPG86I6AI5BsBNJMs2MDofobzycbAq9dMSLAfOFWrdAv8lttx9xm
+n2NcjC2d/DJnk83jCProJ0ekbZu2+gvLT7Kgw0qnbOHxpLni5wqP58d1PE1zX6e7Z0P98ikTeUax
+jKbhHNfYcNLG84jmHw3nvNBdINrwd+Ro2Gkx/NqE1avZnAk/y6fdOQKFiACKA3JqshotY4Sg+TDk
+EenapZt+KSGX4Ecz8XNHoKUROBq2G+DLMLt21ShJR19fVhYEnhWCtt2r+fvRESg0BJDV+FavlLGO
+oDFrtAmaM5+xKWuX2gvZu4SF1oxeHhBAmFmW3atnr7Dh0R7dmzmdrOIHObOnBmncOQKFigA9PGSV
+fV+iLkLQYSvG0F3kxx4ELtBRmPy8kBBANpFRiNc2NIoTNHEQevxdlgup9bws6RBARpFVfmw7YPJc
+R9AkMkG2wHQZuZ8jcLIRMEGmHCaz8TK5DMcR8etiQSAqu/VHTmwsqVhq4uV0BOoGQB0KRyB5CNQn
+6OTVz2vkCDgCjkDRIuAEXbRN5wV3BByBpCPgBJ30Fvb6OQKOQNEi4ARdtE3nBXcEHIGkI+AEnfQW
+9vo5Ao5A0SLgBN1MTWfTvWyKjF03Nfvmyqep5fD0joAj0PII1JsH3fK3L447tm7TWlqHjXniq3yi
+pWdlG2RKnLZ8/TxMOD98+HA0St054bh4fqRh4YU5I3viOVEbKn5sLgSQL5MrkzW7jt4jU1g0fTy+
+5WNpo+GcW3jc36/rI+AEXR+P464QsOod1bJ/337p26+vkm9cuFixtnHjJjmw/4B06lwue3bvlfYd
+2kvfvhW6KiiaKWk3rN8QvFpJRd8+SuT48RI4sP+g7Ni+I6ySOxLI/Yh8cvQTKQ/59e/fT1fFsXou
+k8BH7+HnjkAuBJA59n5AnpBfZIujKRrR9MTD2VfPOUdpIA1+UZkk348//ljzQhHhPP5BXuIQZooK
++blLj4ATdHpc1BeBra6ulm/fdKMMHDBQfvGLX0hl5Xrp0KFDndAhnDU1tXL55f8k0y6cJp07dw4b
++OySP732J3nmmWelW7duqi0QD42a9fb3/ei+4PeJPPzQI+rXvn2ZVG3ZKrO+eLHMuGiGCjzCu3fP
+XlmxcqU898xzUhbi8DA4SWdpMA/KCwEIEnk844wzVD7ptUHCVVVVsmPHjjriJB7PwKhRo1SG161b
+Vyf3Z555ppSVlcmHH34o+/fv1zTIZrt27WTEiBFKzBs2bJChQ4fqhlVG4uTJ/bjPpk2bNAw/d+kR
+cBt0elzUt1XrQL47a2XkyJEyavQo6dSpk3x06CMVWiJAolVbquRb86+XedfNk4EDB8qhQ4fk9NNP
+l2vnXSvf/Nb1sm3b9hCvjcaFyCdMnCDnnjtRJk2aJBMmjA/51yjxVlfvDJpyf70X+ZSXl8uIkSNk
+7tw5cufdC/SBQmvhgXHnCDQFAQhx2LBhMmTIEJVLtFzkDTnv27evKg3IGfLWpUsX6dOnj1RUVOg5
+JIw/so9/9+7d9drid+3aVeOyiyBxe/ToIfihXKCcQOAcCXdizt2K/rRnwyi82BHEjz76WGMdDSYH
+SBuH/86dO2XqBVNk1qxZqhHM/9YNMvsrl8m3b7xJt8L80pe+JFOmTJad1WFLzKA1fBy0lKlTpqgW
+gnBOvWBqIPSPgqCm8vv4cOo+L730skyZPE2um3e9vPnmYjn77LNl7j/PlY0bNul9tQD+zxFoIAJo
+sUa6PXv21N7h4sWLZdmyZfL2228rYaIcINtmlmB3S9JAtqRBbiFjtG2InR4ism0b/HBNT5Fw4vLb
+u3evLF26VO/Dvf7yl78I2rWTdO4GdILOgVFKIFOkHOQ7jG6kEiDsu2p3y+TJk9XjxRdflLfeXCIT
+z52gR65x500+T00eBw8elNFnjZaRo0bKqlWr5N1339Wu46jRI7WLiJCzET0Ojbt//woV7J888BM9
+onUPGny6HDhwwLVoRcn/NRUBZA6SRJb37Nkjq1evDmMpG5VwIeT27dur9ovJrra2Vs/xIz6ki2mj
+Y8eO+oOsMf3Ry0RGSQPRExdHzxIzCj8I3PybWoekp3eCbmgLp+RNNQMEvE/o+uE2bNgog88YrMI3
+8PQBsnnTZvWnG0i3bsvmKpk+40Lt6qEVL3lriXb1ZsyYrtr2aaeFWSCaguHDMLoeztFYdoQBym3b
+tqngDx48SAci3cxxDCg/NAgBlA1IE/LEBozpYeLEiWruwFQBOa9fv17zRGtG/jBN8GEExmIwTWCy
+MDMHPUgIHq0ZBYQjcWpqapSITbPGb+zYsTJ69GgZM2aM2qUhaMrjLjsCTtDZ8akXquJ0TKZMuE45
+5diUuaAVMPD3Cb+wnysCjuOBQGsoK2snEydMlH379skv/+NxeeKJ/1RNY2LQjBHgQyGOaRV8auzo
+kaP6IBylexnOcaeGeOTvzhFoCgLI2Zo1a6SyslKzYewD4jznnHPUFg0BQ66QMZrvli1b9Mc5pE16
+wiFt5ByiR2ngSFqI25QInhMjccL5MZDuLj8EfBZHfjhprDZBCNsGQkY4sUYwNQ7NAVcWun54ntI2
+dBmDnbpdGOHGQc7vLHtPbv63f5H+A/oH4a2Rf739Ng1D4LH5YSa5945/D3OtU+o5D8Bp7U5TcoeU
+TwsaOIJOt5LvRbpzBJqCALKEXL7//vuqNUOYDA727t1byXf58uVKxJgvkFFme+AgX/yIj0kEeeTI
+ACPEzRGzBxo6pIyiAlHjh41bn5uQD/fnZwqJZu7/0iLgGnRaWNJ7YlvbWrVNBbC2ZpfO8LAu4fDh
+w+T3C/9bteJXFr4uTEPCbQymj90f7VASRiA7dSqXL35xlv4QdvywU+87WqOkT5ojYQ70lk1bZPmy
+FcFOPVIGBGKnm7lm9RrpWN5RHxTiuXMEGoIAsob9t1+/fjJ+/HjVkFEwMKFByhAuNmTMGpg8IFTO
+BwwYoD9IFz/IGPKFZDFn4MfMJXqLXKNVR8mXeBC9/Xg5kN5dbgRcHcuBEYKGgOEQ1ClTJ4fBkw6q
+GVRU9JFFC1+QmTNnyhe+8AX52c8ekyVLlsiDj94fZnZcrOaM3/9+oXzly5eGLuRZen3vPfeqOQMj
+M4tZbr31Fhk3bqycPfYfgmCnTBnlgcRnzJyu5Dz7H2frA7Bo4aKwAGaPTnViQCb6AOSoggc7AnUI
+IMtowtiLOUeW+DGdjrESSBSt18wbDGgTHwcRY0eGvDGP4I+ZA8InPvlg24bIo478yN/MHsiu3dfl
+OIrU8edO0MdjUs8HoUIwcfNvmK/EyNsfvxUrVsols2bL2HFPyDe+cZVcf/11MmfONap1oG3/6ldP
+yP88v0juuf8ufSCYXvTbJ5+WMePOCvz8d1n1zt/kkku+rNrMN66+MtiaU3br6dOny7Rp01Sg0TZ+
+97vfyX899Vvp17+fj4DXax2/aAgCEDIaMVPgWGQCsWJ3RuPFH8L94IMPlGwxV2zevFntyYyR4JBF
+zBeYQ9CisU0j52je9AbRnjmHoMnTCJm8mCoKGVMGnp2tW7fqTCbyxs9degRajRs3TtGBdAD2zDOG
+alfFQQsWhyBQdAGZaVERhJJBwFZhTw6Op5xyqlSGVVSvv/7noBnvlcGDB8tFM2cE4WZ+6Q75wx9e
+lXVrPwjadlkYKZ8gw0cMl8Vh9sa6dR+E6UjYqyXY5g4EU8gZauJ4e+XbQbj3yaTzztUl3q2DEO8K
+U5uWLv1f+dvf3tPl3t4t/FSIaRtIYO26teGllVpa/Glo6ow4TP3i6K4+Apg6GLBDk+a5h3zRhnfv
+3l1nT2awD/k3okX+mGZHGmzPxMVBzuQFeUPQELApMRC5KThWAvIjHlP3LG8LK+UjnIu9Psq9TtA5
+JIKHG8FlzjMOwWMQEDtxr149pXuPlK2O2Rlbq7YGLQTturX0DtPryss76DWmiaoQxvQ7NBcjWoST
+B2B95YYwgNhPX4ybg+0ZhzbD8u4eIf/yYHdmbw53nyLgBP0pFo05Az9I2swX5IENmR8vPsLQquME
+iuxinoDUjXjxIz5pzY/8IBr8o4Rj/nYvrt2lEHCCboQkAJrO3GjdRs0S6GJ0OZirjHAfCRsbcY5g
+RoUZoSWc9ISZ4ONnGl08jGsEH/OHunCwfFIe/t8QcII2JBp/NDmM5oAM4giz82h4pjDLK57G/ON5
+cB2Pmy5OKfmBR1yDdht0DglAwHROsqQGSuLRIWccxMsv7khvWgdhUYGNhxGOduLOEWgJBLIRZEPD
+MsXP5N8S9UvCPXyaXRJa0evgCDgCiUTACTqRzeqVcgQcgSQg4ASdhFb0OjgCjkAiEXCCTmSzeqUc
+AUcgCQg4QSehFb0OjoAjkEgE6hP0sdldiaypVyqhCLjQJrRhvVoBgfoEfWzBFVNjfHqMy0ehIhCV
+z+i0xWh5XX6jaPh5MSEQld26edAIOiuImMtr6/IzCX8xVdbLmkwEWPzDnHFkNp2c4mdEzgKiqNAn
+ExGvVTEjgLyyXgI5jcpzHUEjxCzLrNpaJRV9Kuot2SzminvZk4kA5Lw1yCorOdmDOx0B48ceE2zI
+ExX6ZCLitSpmBCBnZDUjQRPAcuTa2pqw6Umtnhdzhb3sSUaAZfZHVJh1aXyQ3XQOUkbpyKRlp0vj
+fo7AyUAA/o2TM+Wo06CtUJg3Pt3/oW5XCAsuqKPtUZb+8WS/jJSz8Ph1vDLpwvHLlj4aHs+P63h4
+c9wjnkeue6SLT9ky1StX/Hi94vEJPxHOltWTNz2+1mF/lE9rkf6Opjkj03aePqb7OgInBwEj5nTy
+eRxBU0SEP7or1ckptt/VEciMAEKdi5yjqdMJfzTczx2Bk4VANtlMS9AUNPUAnKwi+30dAUfAEXAE
+2mZjb4fHEXAEHAFH4OQh0DbdFpknrzh+Z0fAEXAEHAFDoFX4JJCNFZmfHx2BZkfABkLyzTgeP9d1
+vvl6PEegmBCITwAoprJ7WR0BR8ARSDQCbX22RqLb1yvnCDgCRYxA/b04irgiXnRHwBFwBJKGgBN0
+0lrU6+MIOAKJQcAJOjFN6RVxBByBpCHgBJ20FvX6OAKOQGIQcIJTkiTSAAALNElEQVROTFN6RRwB
+RyBpCDhBJ61FvT6OgCOQGAScoBPTlF4RR8ARSBoCTtBJa1GvjyPgCCQGASfoE9CULEu2z9ecgOw9
+S0fAESgRBDJuN1oi9W/2arL5VPv27aVr165y4MCB8HWaXbq/drPfyDNUBOxlyAUfm8DxFRX82dfc
+d2tUSE7oP7Dm1xBHu3jb5EasVVjq3TBkc+dZkjFMQPv27Svbt2/XD5oCRKdOnWTPnj3+AYQTIBX0
+Ujp27KgvQx72gwcPKlGUlZXpw8/Lce/evXpnJ4PmbwB7CSLjvAwb4mg7ngv/0k121Jygs+OTMxQh
+Rch69uypHyfdtGmTppkzZ46sXLlSli9friS9b98+1xhyoplfBHop7dq1U8w3btyYNdGAAQOkpqZG
+9u/f7y/JrEg1LBC5Zx+fLl26yI4dOxqW+FjsHj16KEn7NyMzw+cEnRmbnCEQRXl5uXTv3l0qKys1
+/ty5c+XKK6+UYcOGyerVq2XatGnqH7Z1lUOHDum5/2s8AmCO+YiX4u7du4WHfN68efKZz3xG6L2g
+yVVVVcnatWvlqaeekvfee08/gAyRVFdXO0k3Hvq6lJAzH5jmy+q4yZMnqxJiREt4vMdifpYW7fnN
+N9/U9JimLK16+L86BJyg66DI7wTBQ5gQqj59+siGDRs04fjx4+V73/uenH/++drt5hPqaG3z58+X
+hQsXKpHs3LmzwV3B/EpVGrEgZwgZosXdd9998rnPfU4GDhwo0a97Wxtt3rxZXn31Vbnppps0fu/e
+vWXbtm1O0opG4/+BL2YNeiaPPPKItgGE3RDHM/Tiiy/q89GtWzfVpCFvd/URaBiq9dOW3BUCBEmg
+qXE0cv7pT38qM2fOlH79+qnQvvLKK3LOOecoPsRz13QEwBHN2cj5mWeekQsuuEAzXrdunfz1r3/V
+rjZtRI9m1KhRMnToULnqqqtk+PDhcskllyg5G8H7NruNaxPw7dy5s8o5mvPnP/95NXOgEce15kx3
+IA96NKSdMmWKvPHGGwJJM2aQbx6Z8k6avxN0ni0KQfDgMyi1fv16TXXLLbfIpZdequYMwpcuXSo/
+//nPZcmSJaq5IWx0xd01HQFszobls88+q6YjyBqipueSzt15551y+eWXy6RJk+S5555TQkDrw9zE
+gKKTQTrUsvtBrjYgCI6cQ84LFiyQNWvWKPGmM1eQDi0bEsYcRXxekuSBIx/ieJvUx98Juj4ex11B
+vEyb69Wrl9qZMVN87Wtfk6uvvlq1ZEwdaHAQwF133aXpL7744jpBc4E7DtIGe/DgMgjLgOC9994r
+U6dOVU36hz/8oTz++OP6kKOBRR3mpTvuuENWrFgh99xzj0ycOFEefvhhueGGG1Rbw/zhrmkI8MI0
++Yac33rrrbwztHQ8X+4yI+AEnRkb1dgwW6CpMQg4cuRI+e53vysXXnihatPYM//4xz/K97//fY3D
+jAFIxAZPyBpycdc0BHhBgitaFjZnHu7nn39eyZk2oUfD7Bl76LkbNmnMHGjbZ511ltx4440yffp0
+fakyswZzCYOM0TRNK2XppQY703oxWeAYD+DlGMeVeGjLmAUxkZiLxzN/P6YQcILOIAloBzzEpmnd
+f//9MmvWLIGEmTL38ssvy6OPPqpHskAwGRjEudApDM3yDw2LdgDz73znO4rzhx9+qOcQNsTNgiDO
+o47FKu+//75q3nfffbeOEYwePVpNUhA0JFFbW+sDhlHQGngeVT4wa+AgZxsMt3CeBzNPEce1ZlDI
+zzlBp8EJwaLLjKAxn/maa66RESNG6MP8zjvvyK9//WslZ5IOGjRI7WpoBgxAuWt+BGxAj0E/TErv
+vvuu3oTeDZpznJwJhBQgDRat4Gi3sWPH6oAh14SlS0eYu/wQAGNTRqJHcI2GkZv5cW5xOTcS59zd
+8Qg4Qccw4U2PvRnzxde//nW57bbbVINjbu1vfvMbwe6JYyYHDzmmD4TPH/YYkM10CTmbyYhBWh5o
+2sZc9GE3v+jRCMBWFJIHjjnpDFq5NhdFq3nOwTzeLtYO8TvE48XDS/26fr+w1NGI1R/hsR8CFu2m
+uWDFwGrBy0wPe64iNDZdrnxLKRy5Nxx5HuzcjvlgQVyLb8d80pViHCfoWKujCbN0FXMFpowf//jH
+uhqtoqJCp3O9/vrrct1116ltmj03BgUTB6sJo+Qdy9Ivm4AAGi5mDRwmJwiCBULmcj3g9iKljTgn
+DxzT9sxuann5MTcC4G2Y2pFUmc4tx2h4rjazNH4MpiEH4XgEECYeZOzQjz32mC5lZTrXli1bZMyY
+MXL77bfL008/rbMCMHEwG4BBQrOVRnOMCmbU38/zR8DMEAz6Ye5g5gaO9mBeerqXIySACYP5zjhm
+cpAPS79xhKVLp4H+Ly8EorJtpMvRNGuO0XOLQzpLa8e8bliCkZygMzQ6mjSj/AxE8TCzGOKrX/2q
+LozgQWflIItS+Nn0IdP0TBDJOnqe4VbunQUBXnq0A+7BBx/UaVqDBw+WBx54QAmXWTVMwzMiAG9+
+TLNjUJHe0A9+8AMdHNy6dau2H3nxUvVxA5BomIsSKpib4xnB8Sxg50e54Rg9t0Up6RQZy8eP9RFw
+gq6PR70rHmCm2UG8kAKzB1igwrznxYsX61QtVqq99tprSgJM+cIZUXMeFWiu3TUcAabRQcSYJF56
+6SUlYJZu0xa0CRgTzsvUfpDBqlWrdIk3g70QNvtyMMWuf//+Pge64c2QNQUrBHHMZqL3ydqB6A8/
+2xqBF64pLnbMmnkJB/osjhyNz9ueEX/m3qIN8OBjm+bHUu/Zs2fr0lU25GEBCxp1dEWVC2AOgPMI
+hoDRhJm7fOutt+qUx89+9rP6UsTccfPNN+s86XhWCxYs0KXekDZtwsZV1jOKx/Xr/BCIyrNpzfix
+fBvHghVepLSZxbVz4ttSb7uba9OGRPqjE3R6XOr5ImDW1WYvB5tix+IVfg899JBcdNFFMmHCBBky
+ZIgsW7ZM0yOgpHXXdAR4SdqcZrRnltaz0Q7bu0LW6TZLgjQgBXo7l112mRaCrjeanRND49oEeTbT
+BouHOOfFycswX1nnuWDQlj08WNiCI5980zeu5MWZqk3QKBYUZ9FbvtQIEBoY9ktWqqGZcc52omyU
+xMwPTCHsnkY8NIlFixbpijbspL5BT+PbDDwxdYAxxyeffFJ7NFwPCjNpGARky1dekqwYhIiZuw6R
+X3HFFTq4yHajaOJOzo1vB54BBmpZ3cn+G7wEMRk1BFPy4Fl44YUXdBCetoKs3R2PgO8HfTwmefsw
+WIgmAElgAsGx6tC2uESA2f+BeJhGnKDzhjZjRLCEHNC4eDmyidK1116rRMELk4ffN+zPCF+zBKAB
+Q8goKbjzzjtPtWgzbWS7CWnp1UDIvmF/NqRSYU7QuTHKGgOBgyzin7yi681OavbJK1ayoQW6azoC
+kLR/8qrpODYlByNpzBuYjBrjUGwg6nyIvTH5JyGNE3QztSICi8M+TTfaNk7yj8Y2E8BpsuHF6B+N
+TQNMC3kh8ygd/tHYEwe4E3QzY4t2h72ZbjgDID7ftpkBjmVnPRi8bXojXW8jD0we7k4sAmDNryGO
+dvG2yY2YE3RujBocwwTWhbDB0HkCR8ARiCDg0+wiYDTXqRNzcyHp+TgCpY2Aj1qVdvt77R0BR6CA
+EXCCLuDG8aI5Ao5AaSPgBF3a7e+1dwQcgQJGwAm6gBvHi+YIOAKljYATdGm3v9feEXAEChgBJ+gC
+bhwvmiPgCJQ2Ak7Qpd3+XntHwBEoYAScoAu4cbxojoAjUNoIOEGXdvt77R0BR6CAEXCCLuDG8aI5
+Ao5AaSPw/y/rbdCkSyETAAAAAElFTkSuQmCC" />
+</div>
+</div>
+<p>Let&#8217;s examine the main portions of the code provided in the sample:</p>
+<ul>
+<li>
+<span class="monospaced">SecureNoteActivity</span> - Main activity UI for entering note text and selecting an algorithm.
+</li>
+<li>
+<span class="monospaced">GetPasswordDialog</span> - Dialog to enter a password for saving/loading a note. When saving, requires verification of newly entered password.
+</li>
+<li>
+<span class="monospaced">PasswordEncryptor</span> - Abstraction of logic for password-based encryption
+</li>
+<li>
+<span class="monospaced">RSAHardwareEncryptor</span> - Abstraction of logic for hardware-bound key encryption
+</li>
+</ul>
+<p>Our focus will be to fill in the encryption/decryption pieces of <span class="monospaced">PasswordEncryptor</span> and <span class="monospaced">RSAHardwareEncryptor</span>.</p>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>Symmetric Password-Based Encryption</h2>
+<p>Let&#8217;s focus on password encryption first. Inside <span class="monospaced">PasswordEncryptor</span>, there are three methods we need to fill in:</p>
+<ul>
+<li>
+<span class="monospaced">generateSecretKey()</span> - Create a new key object from the password material.
+</li>
+<li>
+<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
+</li>
+<li>
+<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
+</li>
+</ul>
+<p>The hooks for triggering this logic from the user interface are already in place:</p>
+<ol>
+<li>
+<p>
+Implement <span class="monospaced">generateSecretKey()</span>:
+</p>
+<ol>
+<li>
+<p>
+Get an instance of a <span class="monospaced">SecretKeyFactory</span> using the "PBKDF2WithHmacSHA1" algorithm
+</p>
+</li>
+<li>
+<p>
+Create a new <span class="monospaced">PBEKeySpec</span> with the supplied password parameters
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Use an iterations count of at least 1000</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Generate a new <span class="monospaced">SecretKey</span> from the factory with <span class="monospaced">generateSecret()</span>
+</p>
+</li>
+<li>
+<p>
+Return a new <span class="monospaced">SecretKeySpec</span> containing the raw key bytes and algorithm:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
+</p>
+<ol>
+<li>
+<p>
+Get a Cipher instance loaded with the "AES/CBC/PKCS5Padding" algorithm (already defined for your as <span class="monospaced">ENCRYPTION_ALGORITHM</span>)
+</p>
+</li>
+<li>
+<p>
+Use the provided <span class="monospaced">SecureRandom</span> to generate a random salt:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">SALT_LENGTH</span><span class="o">];</span>
+<span class="n">mSecureRandom</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Repeat the same process to create a new initialization vector (<span class="monospaced">iv</span>). The length of the array should be <span class="monospaced">cipher.getBlockSize()</span>.
+</p>
+</li>
+<li>
+<p>
+Initialize the cipher with your key and iv:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Call <span class="monospaced">doFinal()</span> on the cipher to return an encrypted version of the incoming <span class="monospaced">data</span> bytes.
+</p>
+</li>
+<li>
+<p>
+We need the <em>salt</em> and <em>iv</em> again to decrypt the data. Write all three items (Base64-encoded) to supplied <span class="monospaced">OutputStream</span>.
+</p>
+</li>
+<li>
+<p>
+Write the supplied <span class="monospaced">DELIMITER</span> character in between each element so they can easily be split apart later.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">We chose <em>&amp;</em> as the delimiter because it is a character not present in the Base64 encoding alphabet.</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+<span class="monospaced">flush()</span> and <span class="monospaced">close()</span> the <span class="monospaced">OutputStream</span>
+</p>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">decryptData()</span> to reverse the process:
+</p>
+<ol>
+<li>
+<p>
+Use the supplied <span class="monospaced">readFile()</span> method to stream the encrypted data into memory as a string.
+</p>
+</li>
+<li>
+<p>
+Split the string on <span class="monospaced">DELIMITER</span> to get back the original three fields (salt, iv, encrypted data).
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Don&#8217;t forget to Base64 decode each field after splitting them!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Init a new cipher for decryption using the same algorithm and key:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
+<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
+
+<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+<li>
+<p>
+Return the result of <span class="monospaced">doFinal()</span> to get back the decrypted note.
+</p>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Build and deploy the application to your device/emulator.
+</p>
+</li>
+<li>
+<p>
+Select the <em>Password-Based</em> option and type in some note text.
+</p>
+</li>
+<li>
+<p>
+Click <em>Save</em>, and enter a new password. You should see a message saying the save was successful.
+</p>
+</li>
+<li>
+<p>
+Connect to your device&#8217;s shell and view the saved file:
+</p>
+<div class="listingblock">
+<div class="content">
+<pre><tt>$ adb shell cat /data/data/com.example.android.securenote/files/secure.note
+OlpcR+xyPsaBXtZP2mkZdtxrMGnTnSmqM/r0RzVFJjk=&amp;o0hKRxL3MVw1D1wQFUIV+w==&amp;fOToQqDlEaBhgKlnCsgbgSUckemI/XBp9TPBY+SPTYWiHvICsmBT42miMCz0wui/pAMQ+OaehUAN3DayPKEoWw==</tt></pre>
+</div></div>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">This can only be done on an emulator or rooted device. Production devices have this directory protected!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Looks pretty encrypted! Click <em>Load</em>, and enter the same password. You should see the note text displayed below the entry field.
+</p>
+</li>
+</ol>
+</section>
+
+<!--subslide-->
+<section class="slide slide1">
+<h2>Using a Hardware-Bound RSA Key</h2>
+<p>Now let&#8217;s try this using a private key that is tucked away in a non-exportable block of the hardware. The <span class="monospaced">RSAHardwareEncryptor</span> has four methods you will need to implement:</p>
+<ul>
+<li>
+<span class="monospaced">retrievePublicKey()</span> - Get the public (encryption) key from storage.
+</li>
+<li>
+<span class="monospaced">retrievePrivateKey()</span> - Get the private (decryption) key from the keystore.
+</li>
+<li>
+<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
+</li>
+<li>
+<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
+</li>
+</ul>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">Hardware-backed key storage is only available on Android 4.3+</td>
+</tr></table>
+</div>
+<p>The hooks for triggering this logic from the user interface are already in place:</p>
+<ol>
+<li>
+<p>
+Read through and take a moment to understand the <span class="monospaced">generatePrivateKey()</span> method.
+</p>
+<ol>
+<li>
+<p>
+This method is responsible for creating the public/private key pair and persisting them both.
+</p>
+</li>
+<li>
+<p>
+The public key is stored to <span class="monospaced">SharedPreferences</span>.
+</p>
+</li>
+<li>
+<p>
+The private key is bound to the hardware keystore. It can be referenced later by its <em>alias</em> (<span class="monospaced">KEY_ALIAS</span> in this case).
+</p>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">retrievePublicKey()</span> to create the encryption key:
+</p>
+<ol>
+<li>
+<p>
+Retrieve the encoded key string from <span class="monospaced">SharedPreferences</span>.
+</p>
+</li>
+<li>
+<p>
+Decode the string with <span class="monospaced">Base64.decode()</span> into raw bytes.
+</p>
+</li>
+<li>
+<p>
+Use a <span class="monospaced">KeyFactory</span> to return a <span class="monospaced">PublicKey</span> objeect from the bytes:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="n">KeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">KEY_ALGORITHM</span><span class="o">)</span>
+                <span class="o">.</span><span class="na">generatePublic</span><span class="o">(</span><span class="k">new</span> <span class="n">X509EncodedKeySpec</span><span class="o">(</span><span class="n">publicKey</span><span class="o">));</span>
+</pre></div></div></div>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">retrievePrivateKey()</span> to get the decryption key from hardware:
+</p>
+<ol>
+<li>
+<p>
+Get a <span class="monospaced">KeyStore</span> instance of the "AndroidKeyStore".
+</p>
+</li>
+<li>
+<p>
+Load the <span class="monospaced">KeyStore</span> with <span class="monospaced">null</span> as the <span class="monospaced">InputStream</span> parameter to initialize it.
+</p>
+</li>
+<li>
+<p>
+Get the <span class="monospaced">KeyStore.Entry</span> associated with our <span class="monospaced">KEY_ALIAS</span> from the <span class="monospaced">KeyStore</span>.
+</p>
+</li>
+<li>
+<p>
+Return the <span class="monospaced">PrivateKey</span> from the entry with <span class="monospaced">getPrivateKey()</span>:
+</p>
+<div class="listingblock">
+<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
+</pre></div></div></div>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
+</p>
+<ol>
+<li>
+<p>
+Retrieve an instance of the <em>public</em> key.
+</p>
+</li>
+<li>
+<p>
+Initialize a new cipher in encrypt mode with the "RSA/ECB/PKCS1Padding" algorithm.
+</p>
+</li>
+<li>
+<p>
+Wrap the supplied <span class="monospaced">OutputStream</span> in a <span class="monospaced">Base64OutputStream</span> to encode all characters before file writing.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">Add the <span class="monospaced">Base64.NO_WRAP</span> flag to the stream to avoid reading conflicts.</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Wrap the encoding stream from the previous step in a <span class="monospaced">CipherOutputStream</span> to apply our cipher to all bytes written.
+</p>
+</li>
+<li>
+<p>
+Write the incoming data to our wrapped <span class="monospaced">OutputStream</span>, <span class="monospaced">flush()</span> and <span class="monospaced">close()</span>.
+</p>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Implement <span class="monospaced">decryptData()</span> to reverse the process:
+</p>
+<ol>
+<li>
+<p>
+Retrieve an instance of the <em>private</em> key.
+</p>
+</li>
+<li>
+<p>
+Initialize a new cipher in decrypt mode with the key and the same RSA algorithm.
+</p>
+</li>
+<li>
+<p>
+Wrap the provided <span class="monospaced">InputStream</span> in a <span class="monospaced">Base64InputStream</span> to decode the file bytes.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon note">
+</td>
+<td class="content">Don&#8217;t forget the <span class="monospaced">Base64.NO_WRAP</span> flag again!</td>
+</tr></table>
+</div>
+</li>
+<li>
+<p>
+Wrap the decoder stream in a <span class="monospaced">CipherInputStream</span> to apply decryption to the incoming data.
+</p>
+</li>
+<li>
+<p>
+Use the supplied <span class="monospaced">readFile()</span> helper to read data from the incoming stream
+</p>
+</li>
+<li>
+<p>
+Return the decoded data as a <span class="monospaced">byte[]</span>.
+</p>
+<div class="admonitionblock">
+<table><tr>
+<td class="icon tip">
+</td>
+<td class="content">You can use <span class="monospaced">getBytes()</span> to return the bytes of a <span class="monospaced">String</span>.</td>
+</tr></table>
+</div>
+</li>
+</ol>
+</li>
+<li>
+<p>
+Run the application again. Type a new secret message to save.
+</p>
+</li>
+<li>
+<p>
+Select the <em>Key-Based</em> option, and click <em>Save</em>.
+</p>
+</li>
+<li>
+<p>
+If the save was successful, you can click <em>Load</em> and see your typed message in the lower box.
+</p>
+</li>
+</ol>
+</section>
+
+<!--slide-->
+<section class="slide slide0">
+<h2 class="section-slide">Review Questions</h2>
+<ol>
+<li>
+<p>
+Name three of the primary APIs for persisting data in Android.
+</p>
+</li>
+<li>
+<p>
+Why is it a bad idea hard-code secret keys in your application code?
+</p>
+</li>
+<li>
+<p>
+What is the preferred method of generating a unique ID for your application user?
+</p>
+</li>
+<li>
+<p>
+what is the one type of persisted data that cannot be (directly) encrypted?
+</p>
+</li>
+<li>
+<p>
+What is the name of the package that provides encryption for SQLite?
+</p>
+</li>
+<li>
+<p>
+What is the primary advantage of the accounts framework?
+</p>
+</li>
+<li>
+<p>
+Is password-based encryption symmetric or asymmetric? What does that mean?
+</p>
+</li>
+<li>
+<p>
+What is the difference between the system KeyChain and the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+When is it safe to persist an encryption key in the system KeyStore?
+</p>
+</li>
+<li>
+<p>
+How do we check if the device supports this?
+</p>
+</li>
+</ol>
+<p></p>
+<!--footer: Added this to close the final slide section-->
+</section>
+    <!-- deck.status snippet -->
+    <p class="deck-status" aria-role="status">
+      <span class="deck-status-current"></span>
+      /
+      <span class="deck-status-total"></span>
+    </p>
+
+    <!-- deck.goto snippet -->
+    <form action="." method="get" class="goto-form">
+      <label for="goto-slide">Go to slide:</label>
+      <input type="text" name="slidenum" id="goto-slide" list="goto-datalist">
+      <datalist id="goto-datalist"></datalist>
+      <input type="submit" value="Go">
+    </form>
+
+
+    <div class="deck-toc"></div>
+<script>
+        $(function() {
+                $.deck('.slide');
+        });
+</script>
+
+</body>
+</html>

From 9e337469efee4b3ddc2e1af7cbbfacff51adff3c Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Mon, 3 Jun 2019 12:13:03 -0700
Subject: [PATCH 07/14] SDK Update: API-28

---
 app/build.gradle                              |  5 +--
 .../android/securenote/GetPasswordDialog.java |  7 +--
 .../securenote/SecureNoteActivity.java        | 44 ++++++++++---------
 .../securenote/crypto/PasswordEncryptor.java  | 17 +------
 .../crypto/RSAHardwareEncryptor.java          |  8 ++--
 build.gradle                                  |  2 +-
 gradle/wrapper/gradle-wrapper.properties      |  4 +-
 7 files changed, 39 insertions(+), 48 deletions(-)

diff --git a/app/build.gradle b/app/build.gradle
index caaae0c..74cc34f 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,13 +1,12 @@
 apply plugin: 'com.android.application'
 
 android {
-    compileSdkVersion 27
-    buildToolsVersion "27.0.3"
+    compileSdkVersion 28
 
     defaultConfig {
         applicationId "com.example.android.securenote"
         minSdkVersion 19
-        targetSdkVersion 27
+        targetSdkVersion 28
     }
 
     buildTypes {
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
index 9d77b43..25f0d33 100644
--- a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
@@ -37,6 +37,7 @@ public static GetPasswordDialog newInstance(int requestType,
 
     public interface OnPasswordListener {
         public void onPasswordValid(int requestType, String password);
+
         public void onPasswordCancel();
     }
 
@@ -64,9 +65,9 @@ public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle sa
         getDialog().setTitle(R.string.get_password_label);
         View content = inflater.inflate(R.layout.get_password, container, false);
 
-        mPassword = (EditText) content.findViewById(R.id.password_text);
-        mPasswordVerification = (EditText) content.findViewById(R.id.password_verification_text);
-        mOkButton = (Button) content.findViewById(R.id.ok_button);
+        mPassword = content.findViewById(R.id.password_text);
+        mPasswordVerification = content.findViewById(R.id.password_verification_text);
+        mOkButton = content.findViewById(R.id.ok_button);
 
         content.findViewById(R.id.cancel_button).setOnClickListener(this);
         mOkButton.setOnClickListener(this);
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
index 24a94b9..2edd0f5 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -4,6 +4,7 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 
+import android.annotation.SuppressLint;
 import android.app.Activity;
 import android.app.AlertDialog;
 import android.content.DialogInterface;
@@ -35,10 +36,10 @@ public class SecureNoteActivity extends Activity implements
     private static final int GET_PASSWORD_FOR_LOAD = 1;
     private static final int GET_PASSWORD_FOR_SAVE = 2;
 
-    private EditText mNoteText;
-    private TextView mResultText;
-    private RadioGroup mEncryptionSelect;
-    private Button mSaveButton;
+    private EditText noteText;
+    private TextView resultText;
+    private RadioGroup encryptionSelect;
+    private Button saveButton;
 
     private PasswordEncryptor mPasswordEncryptor;
     private RSAHardwareEncryptor mHardwareEncryptor;
@@ -48,15 +49,15 @@ public void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.secure_note);
 
-        mNoteText = (EditText) findViewById(R.id.note_text);
-        mResultText = (TextView) findViewById(R.id.text_result);
-        mEncryptionSelect = (RadioGroup) findViewById(R.id.type_select);
-        mSaveButton = (Button) findViewById(R.id.save_button);
+        noteText = findViewById(R.id.note_text);
+        resultText = findViewById(R.id.text_result);
+        encryptionSelect = findViewById(R.id.type_select);
+        saveButton = findViewById(R.id.save_button);
 
         findViewById(R.id.load_button).setOnClickListener(this);
-        mSaveButton.setOnClickListener(this);
-        mNoteText.addTextChangedListener(this);
-        mNoteText.setText(null);
+        saveButton.setOnClickListener(this);
+        noteText.addTextChangedListener(this);
+        noteText.setText(null);
 
         mPasswordEncryptor = new PasswordEncryptor();
         mHardwareEncryptor = new RSAHardwareEncryptor(this);
@@ -126,7 +127,7 @@ public void onPasswordCancel() {
     }
 
     public void onClick(View v) {
-        int encryptionType = mEncryptionSelect.getCheckedRadioButtonId();
+        int encryptionType = encryptionSelect.getCheckedRadioButtonId();
         switch (v.getId()) {
             case R.id.load_button:
                 if (encryptionType == R.id.type_password) {
@@ -150,7 +151,7 @@ public void onClick(View v) {
     @Override
     protected void onDestroy() {
         super.onDestroy();
-        mNoteText.getText().clear();
+        noteText.getText().clear();
     }
 
     private void deleteSecureNote() {
@@ -164,10 +165,10 @@ private void deleteSecureNote() {
         }
     }
 
+    @SuppressLint("StaticFieldLeak")
     private void saveSecureNote(final String passkey) {
         Log.d(TAG, "Saving note");
         new AsyncTask<String, Void, Boolean>() {
-
             @Override
             protected Boolean doInBackground(String... strings) {
                 try {
@@ -191,16 +192,17 @@ protected Boolean doInBackground(String... strings) {
             @Override
             protected void onPostExecute(Boolean result) {
                 if (result) {
-                    mNoteText.getText().clear();
+                    noteText.getText().clear();
                     toast(R.string.saved_note);
                 } else {
                     toast(R.string.failed_to_save);
                 }
             }
 
-        }.execute(mNoteText.getText().toString());
+        }.execute(noteText.getText().toString());
     }
 
+    @SuppressLint("StaticFieldLeak")
     private void loadSecureNote(final String passkey) {
         Log.d(TAG, "Loading note...");
         new AsyncTask<Void, Void, String>() {
@@ -227,7 +229,7 @@ protected void onPostExecute(String result) {
                 if (result == null) {
                     toast(R.string.failed_to_load);
                 } else {
-                    mResultText.setText(result);
+                    resultText.setText(result);
                     toast(R.string.loaded_note);
                 }
             }
@@ -239,18 +241,20 @@ private void toast(int resId) {
     }
 
     public void afterTextChanged(Editable s) {
-        mSaveButton.setEnabled(s.length() != 0);
+        saveButton.setEnabled(s.length() != 0);
     }
 
     @Override
     public void beforeTextChanged(CharSequence s,
                                   int start,
                                   int count,
-                                  int after) { }
+                                  int after) {
+    }
 
     @Override
     public void onTextChanged(CharSequence s,
                               int start,
                               int before,
-                              int count) { }
+                              int count) {
+    }
 }
diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
index 7e7e876..0ac34f8 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
@@ -1,28 +1,15 @@
 package com.example.android.securenote.crypto;
 
-import android.util.Base64;
-import android.util.Base64OutputStream;
-
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.OutputStream;
-import java.io.Reader;
-import java.io.StringReader;
 import java.security.GeneralSecurityException;
-import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
 
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
 import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
 
 public class PasswordEncryptor {
 
@@ -34,11 +21,11 @@ public class PasswordEncryptor {
     // We chose '&' because is not part of the Base64 character set
     private static final String DELIMITER = "&";
 
-    private SecureRandom mSecureRandom;
+    private SecureRandom secureRandom;
 
     public PasswordEncryptor() {
         // Do *not* seed secureRandom! Automatically seeded from system entropy.
-        mSecureRandom = new SecureRandom();
+        secureRandom = new SecureRandom();
     }
 
     /**
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
index c62a08d..23de7cc 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
@@ -52,13 +52,13 @@ public class RSAHardwareEncryptor {
     private static final String KEY_ALIAS = "secureKeyAlias";
 
     //Persistent location where we will save the public key
-    private SharedPreferences mPublicKeyStore;
+    private SharedPreferences publicKeyStore;
 
     public RSAHardwareEncryptor(Context context) {
-        mPublicKeyStore = context.getSharedPreferences(
+        publicKeyStore = context.getSharedPreferences(
                 "publickey.store", Context.MODE_PRIVATE);
         try {
-            if (!mPublicKeyStore.contains(KEY_PUBLIC)) {
+            if (!publicKeyStore.contains(KEY_PUBLIC)) {
                 generatePrivateKey(context);
                 Log.d(TAG, "Generated hardware-bound key");
             } else {
@@ -97,7 +97,7 @@ private void generatePrivateKey(Context context) throws
         //Persist the public key
         PublicKey publicKey = kp.getPublic();
         String encodedKey = Base64.encodeToString(publicKey.getEncoded(), Base64.NO_WRAP);
-        mPublicKeyStore.edit().putString(KEY_PUBLIC, encodedKey).apply();
+        publicKeyStore.edit().putString(KEY_PUBLIC, encodedKey).apply();
     }
 
     /**
diff --git a/build.gradle b/build.gradle
index be81015..fd232e5 100644
--- a/build.gradle
+++ b/build.gradle
@@ -5,7 +5,7 @@ buildscript {
         jcenter()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.1.0'
+        classpath 'com.android.tools.build:gradle:3.4.1'
     }
 }
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index ba9b119..2457641 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Wed Apr 10 15:27:10 PDT 2013
+#Mon Jun 03 11:29:47 PDT 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.4-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-all.zip

From 62414860bbca52a947cc6b97987309a222090868 Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Mon, 3 Jun 2019 13:12:45 -0700
Subject: [PATCH 08/14] no-change

---
 .../android/securenote/GetPasswordDialog.java | 67 +++++++++----------
 .../securenote/SecureNoteActivity.java        | 16 ++---
 2 files changed, 41 insertions(+), 42 deletions(-)

diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
index 25f0d33..e559cfb 100644
--- a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
@@ -36,27 +36,27 @@ public static GetPasswordDialog newInstance(int requestType,
     }
 
     public interface OnPasswordListener {
-        public void onPasswordValid(int requestType, String password);
+        void onPasswordValid(int requestType, String password);
 
-        public void onPasswordCancel();
+        void onPasswordCancel();
     }
 
-    private EditText mPassword;
-    private EditText mPasswordVerification;
-    private Button mOkButton;
-    private int mMinPasswordLength;
+    private EditText password;
+    private EditText passwordVerification;
+    private Button okButton;
+    private int minPasswordLength;
 
-    private OnPasswordListener mPasswordListener;
+    private OnPasswordListener passwordListener;
 
     @Override
     public void onAttach(Activity activity) {
         super.onAttach(activity);
         try {
-            mPasswordListener = (OnPasswordListener) activity;
+            passwordListener = (OnPasswordListener) activity;
         } catch (ClassCastException e) {
             throw new IllegalArgumentException(
                     activity.getClass().getSimpleName()
-                            + " shoud implement OnPasswordListener");
+                            + " should implement OnPasswordListener");
         }
     }
 
@@ -65,12 +65,12 @@ public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle sa
         getDialog().setTitle(R.string.get_password_label);
         View content = inflater.inflate(R.layout.get_password, container, false);
 
-        mPassword = content.findViewById(R.id.password_text);
-        mPasswordVerification = content.findViewById(R.id.password_verification_text);
-        mOkButton = content.findViewById(R.id.ok_button);
+        password = content.findViewById(R.id.password_text);
+        passwordVerification = content.findViewById(R.id.password_verification_text);
+        okButton = content.findViewById(R.id.ok_button);
 
         content.findViewById(R.id.cancel_button).setOnClickListener(this);
-        mOkButton.setOnClickListener(this);
+        okButton.setOnClickListener(this);
 
 
         return content;
@@ -83,24 +83,24 @@ public void onActivityCreated(Bundle savedInstanceState) {
 
         boolean verifyPassword = args.getBoolean(VERIFY_PASSWORD_REQUEST_PARAM, true);
         if (verifyPassword) {
-            mOkButton.setEnabled(false);
-            mMinPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
-            if (mMinPasswordLength > 0) {
-                mPassword.setHint(super.getString(R.string.password_hint_min_length,
-                        mMinPasswordLength));
+            okButton.setEnabled(false);
+            minPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
+            if (minPasswordLength > 0) {
+                password.setHint(super.getString(R.string.password_hint_min_length,
+                        minPasswordLength));
             }
-            mPassword.addTextChangedListener(this);
-            mPasswordVerification.addTextChangedListener(this);
+            password.addTextChangedListener(this);
+            passwordVerification.addTextChangedListener(this);
         } else {
-            mPasswordVerification.setVisibility(View.GONE);
+            passwordVerification.setVisibility(View.GONE);
         }
     }
 
     @Override
     public void onPause() {
         super.onPause();
-        mPassword.getText().clear();
-        mPasswordVerification.getText().clear();
+        password.getText().clear();
+        passwordVerification.getText().clear();
         Log.d(TAG, "Cleared password fields");
     }
 
@@ -108,11 +108,10 @@ public void onClick(View v) {
         switch (v.getId()) {
             case R.id.ok_button:
                 final int requestType = getArguments().getInt(REQUEST_PARAM);
-                final String password = mPassword.getText().toString();
-                mPasswordListener.onPasswordValid(requestType, password);
+                passwordListener.onPasswordValid(requestType, this.password.getText().toString());
                 break;
             case R.id.cancel_button:
-                mPasswordListener.onPasswordCancel();
+                passwordListener.onPasswordCancel();
                 break;
             default:
                 throw new IllegalArgumentException("Invalid Button");
@@ -122,23 +121,23 @@ public void onClick(View v) {
     }
 
     public void afterTextChanged(Editable s) {
-        if (mPassword.length() < mMinPasswordLength) {
+        if (password.length() < minPasswordLength) {
             Log.d(TAG, "Password too short");
-            mOkButton.setEnabled(false);
-        } else if (mPassword.length() != mPasswordVerification.length()) {
+            okButton.setEnabled(false);
+        } else if (password.length() != passwordVerification.length()) {
             Log.d(TAG, "Passwords' length differs");
-            mOkButton.setEnabled(false);
+            okButton.setEnabled(false);
         } else {
-            for (int i = 0; i < mPassword.getText().length(); i++) {
-                if (mPassword.getText().charAt(i) != mPasswordVerification.getText()
+            for (int i = 0; i < password.getText().length(); i++) {
+                if (password.getText().charAt(i) != passwordVerification.getText()
                         .charAt(i)) {
                     Log.d(TAG, "Passwords differ");
-                    mOkButton.setEnabled(false);
+                    okButton.setEnabled(false);
                     return;
                 }
             }
             Log.d(TAG, "Passwords are the same");
-            mOkButton.setEnabled(true);
+            okButton.setEnabled(true);
         }
     }
 
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
index 2edd0f5..ac46782 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -41,8 +41,8 @@ public class SecureNoteActivity extends Activity implements
     private RadioGroup encryptionSelect;
     private Button saveButton;
 
-    private PasswordEncryptor mPasswordEncryptor;
-    private RSAHardwareEncryptor mHardwareEncryptor;
+    private PasswordEncryptor passwordEncryptor;
+    private RSAHardwareEncryptor hardwareEncryptor;
 
     @Override
     public void onCreate(Bundle savedInstanceState) {
@@ -59,8 +59,8 @@ public void onCreate(Bundle savedInstanceState) {
         noteText.addTextChangedListener(this);
         noteText.setText(null);
 
-        mPasswordEncryptor = new PasswordEncryptor();
-        mHardwareEncryptor = new RSAHardwareEncryptor(this);
+        passwordEncryptor = new PasswordEncryptor();
+        hardwareEncryptor = new RSAHardwareEncryptor(this);
     }
 
     @Override
@@ -175,9 +175,9 @@ protected Boolean doInBackground(String... strings) {
                     OutputStream out = openFileOutput(FILENAME, MODE_PRIVATE);
                     byte[] noteData = strings[0].getBytes();
                     if (passkey == null) {
-                        mHardwareEncryptor.encryptData(noteData, out);
+                        hardwareEncryptor.encryptData(noteData, out);
                     } else {
-                        mPasswordEncryptor.encryptData(passkey, noteData, out);
+                        passwordEncryptor.encryptData(passkey, noteData, out);
                     }
                     Log.d(TAG, "Saved note to " + FILENAME);
 
@@ -212,9 +212,9 @@ protected String doInBackground(Void... params) {
                     InputStream in = openFileInput(FILENAME);
                     byte[] decrypted;
                     if (passkey == null) {
-                        decrypted = mHardwareEncryptor.decryptData(in);
+                        decrypted = hardwareEncryptor.decryptData(in);
                     } else {
-                        decrypted = mPasswordEncryptor.decryptData(passkey, in);
+                        decrypted = passwordEncryptor.decryptData(passkey, in);
                     }
                     Log.d(TAG, "Loaded note from " + FILENAME);
                     return new String(decrypted);

From 10865d098aeae00870bbb079d4dfa1e7a5edef23 Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Tue, 4 Jun 2019 13:31:32 -0700
Subject: [PATCH 09/14] +AndroidX

---
 app/build.gradle                              |  4 +
 app/src/main/AndroidManifest.xml              | 28 ++++---
 .../android/securenote/GetPasswordDialog.java | 84 +++++++++----------
 .../securenote/SecureNoteActivity.java        | 14 ++--
 .../crypto/RSAHardwareEncryptor.java          |  7 +-
 gradle.properties                             |  2 +
 6 files changed, 75 insertions(+), 64 deletions(-)
 create mode 100644 gradle.properties

diff --git a/app/build.gradle b/app/build.gradle
index 74cc34f..cc021d3 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -16,3 +16,7 @@ android {
         }
     }
 }
+
+dependencies {
+    implementation 'androidx.appcompat:appcompat:1.0.2'
+}
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 3aeb86d..00df066 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -1,15 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
-	package="com.example.android.securenote">
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.example.android.securenote">
 
-	<application android:icon="@mipmap/ic_launcher"
-		android:label="@string/app_name">
-		<activity android:name=".SecureNoteActivity"
-			android:label="@string/app_name">
-			<intent-filter>
-				<action android:name="android.intent.action.MAIN" />
-				<category android:name="android.intent.category.LAUNCHER" />
-			</intent-filter>
-		</activity>
-	</application>
+    <application
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:theme="@style/Theme.AppCompat"
+        android:allowBackup="true"
+        tools:ignore="GoogleAppIndexingWarning">
+        <activity
+            android:name=".SecureNoteActivity"
+            android:label="@string/app_name">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+    </application>
 </manifest>
\ No newline at end of file
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
index 25f0d33..ef4c157 100644
--- a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
@@ -2,7 +2,6 @@
 package com.example.android.securenote;
 
 import android.app.Activity;
-import android.app.DialogFragment;
 import android.os.Bundle;
 import android.text.Editable;
 import android.text.TextWatcher;
@@ -14,17 +13,19 @@
 import android.widget.Button;
 import android.widget.EditText;
 
+import androidx.fragment.app.DialogFragment;
+
 public class GetPasswordDialog extends DialogFragment implements
         OnClickListener, TextWatcher {
     private static final String TAG = GetPasswordDialog.class.getSimpleName();
 
-    public static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
-    public static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
-    public static final String REQUEST_PARAM = "requestType";
+    private static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
+    private static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
+    private static final String REQUEST_PARAM = "requestType";
 
-    public static GetPasswordDialog newInstance(int requestType,
-                                                int minPasswordLength,
-                                                boolean verifyPassword) {
+    static GetPasswordDialog newInstance(int requestType,
+                                         int minPasswordLength,
+                                         boolean verifyPassword) {
         GetPasswordDialog dialog = new GetPasswordDialog();
         Bundle args = new Bundle();
         args.putBoolean(VERIFY_PASSWORD_REQUEST_PARAM, verifyPassword);
@@ -36,27 +37,26 @@ public static GetPasswordDialog newInstance(int requestType,
     }
 
     public interface OnPasswordListener {
-        public void onPasswordValid(int requestType, String password);
+        void onPasswordValid(int requestType, String password);
 
-        public void onPasswordCancel();
+        void onPasswordCancel();
     }
 
-    private EditText mPassword;
-    private EditText mPasswordVerification;
-    private Button mOkButton;
-    private int mMinPasswordLength;
+    private EditText password;
+    private EditText passwordVerification;
+    private Button okButton;
+    private int minPasswordLength;
 
-    private OnPasswordListener mPasswordListener;
+    private OnPasswordListener passwordListener;
 
     @Override
     public void onAttach(Activity activity) {
         super.onAttach(activity);
         try {
-            mPasswordListener = (OnPasswordListener) activity;
+            passwordListener = (OnPasswordListener) activity;
         } catch (ClassCastException e) {
             throw new IllegalArgumentException(
-                    activity.getClass().getSimpleName()
-                            + " shoud implement OnPasswordListener");
+                    activity.getClass().getSimpleName() + " should implement OnPasswordListener");
         }
     }
 
@@ -65,12 +65,12 @@ public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle sa
         getDialog().setTitle(R.string.get_password_label);
         View content = inflater.inflate(R.layout.get_password, container, false);
 
-        mPassword = content.findViewById(R.id.password_text);
-        mPasswordVerification = content.findViewById(R.id.password_verification_text);
-        mOkButton = content.findViewById(R.id.ok_button);
+        password = content.findViewById(R.id.password_text);
+        passwordVerification = content.findViewById(R.id.password_verification_text);
+        okButton = content.findViewById(R.id.ok_button);
 
         content.findViewById(R.id.cancel_button).setOnClickListener(this);
-        mOkButton.setOnClickListener(this);
+        okButton.setOnClickListener(this);
 
 
         return content;
@@ -83,24 +83,24 @@ public void onActivityCreated(Bundle savedInstanceState) {
 
         boolean verifyPassword = args.getBoolean(VERIFY_PASSWORD_REQUEST_PARAM, true);
         if (verifyPassword) {
-            mOkButton.setEnabled(false);
-            mMinPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
-            if (mMinPasswordLength > 0) {
-                mPassword.setHint(super.getString(R.string.password_hint_min_length,
-                        mMinPasswordLength));
+            okButton.setEnabled(false);
+            minPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
+            if (minPasswordLength > 0) {
+                password.setHint(super.getString(R.string.password_hint_min_length,
+                        minPasswordLength));
             }
-            mPassword.addTextChangedListener(this);
-            mPasswordVerification.addTextChangedListener(this);
+            password.addTextChangedListener(this);
+            passwordVerification.addTextChangedListener(this);
         } else {
-            mPasswordVerification.setVisibility(View.GONE);
+            passwordVerification.setVisibility(View.GONE);
         }
     }
 
     @Override
     public void onPause() {
         super.onPause();
-        mPassword.getText().clear();
-        mPasswordVerification.getText().clear();
+        password.getText().clear();
+        passwordVerification.getText().clear();
         Log.d(TAG, "Cleared password fields");
     }
 
@@ -108,11 +108,11 @@ public void onClick(View v) {
         switch (v.getId()) {
             case R.id.ok_button:
                 final int requestType = getArguments().getInt(REQUEST_PARAM);
-                final String password = mPassword.getText().toString();
-                mPasswordListener.onPasswordValid(requestType, password);
+                final String password = this.password.getText().toString();
+                passwordListener.onPasswordValid(requestType, password);
                 break;
             case R.id.cancel_button:
-                mPasswordListener.onPasswordCancel();
+                passwordListener.onPasswordCancel();
                 break;
             default:
                 throw new IllegalArgumentException("Invalid Button");
@@ -122,23 +122,23 @@ public void onClick(View v) {
     }
 
     public void afterTextChanged(Editable s) {
-        if (mPassword.length() < mMinPasswordLength) {
+        if (password.length() < minPasswordLength) {
             Log.d(TAG, "Password too short");
-            mOkButton.setEnabled(false);
-        } else if (mPassword.length() != mPasswordVerification.length()) {
+            okButton.setEnabled(false);
+        } else if (password.length() != passwordVerification.length()) {
             Log.d(TAG, "Passwords' length differs");
-            mOkButton.setEnabled(false);
+            okButton.setEnabled(false);
         } else {
-            for (int i = 0; i < mPassword.getText().length(); i++) {
-                if (mPassword.getText().charAt(i) != mPasswordVerification.getText()
+            for (int i = 0; i < password.getText().length(); i++) {
+                if (password.getText().charAt(i) != passwordVerification.getText()
                         .charAt(i)) {
                     Log.d(TAG, "Passwords differ");
-                    mOkButton.setEnabled(false);
+                    okButton.setEnabled(false);
                     return;
                 }
             }
             Log.d(TAG, "Passwords are the same");
-            mOkButton.setEnabled(true);
+            okButton.setEnabled(true);
         }
     }
 
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
index 5cee55f..777675b 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -1,15 +1,12 @@
 
 package com.example.android.securenote;
 
-import java.io.InputStream;
-import java.io.OutputStream;
-
 import android.annotation.SuppressLint;
-import android.app.Activity;
-import android.app.AlertDialog;
 import android.content.DialogInterface;
 import android.os.AsyncTask;
 import android.os.Bundle;
+import androidx.appcompat.app.AlertDialog;
+import androidx.appcompat.app.AppCompatActivity;
 import android.text.Editable;
 import android.text.TextWatcher;
 import android.util.Log;
@@ -26,7 +23,10 @@
 import com.example.android.securenote.crypto.PasswordEncryptor;
 import com.example.android.securenote.crypto.RSAHardwareEncryptor;
 
-public class SecureNoteActivity extends Activity implements
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class SecureNoteActivity extends AppCompatActivity implements
         OnClickListener, TextWatcher, GetPasswordDialog.OnPasswordListener {
     private static final String TAG = SecureNoteActivity.class.getSimpleName();
 
@@ -101,7 +101,7 @@ private void getPassword(int requestCode, boolean verifyPasswords) {
         Log.d(TAG, "Getting password");
         GetPasswordDialog dialog = GetPasswordDialog.newInstance(requestCode,
                 6, verifyPasswords);
-        dialog.show(getFragmentManager(),
+        dialog.show(getSupportFragmentManager(),
                 GetPasswordDialog.class.getSimpleName());
     }
 
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
index 99e95a0..6af5325 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
@@ -32,8 +32,7 @@
 import javax.security.auth.x500.X500Principal;
 
 public class RSAHardwareEncryptor {
-    private static final String TAG =
-            RSAHardwareEncryptor.class.getSimpleName();
+    private static final String TAG = RSAHardwareEncryptor.class.getSimpleName();
     private static final String PROVIDER_NAME = "AndroidKeyStore";
     private static final String KEY_ALGORITHM = "RSA";
     private static final String ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
@@ -103,7 +102,7 @@ public byte[] decryptData(InputStream in) throws
         return readFile(in).getBytes();
     }
 
-    public Key retrievePublicKey() throws
+    private Key retrievePublicKey() throws
             NoSuchAlgorithmException, InvalidKeySpecException {
         String encodedKey = publicKeyStore.getString(KEY_PUBLIC, null);
         if (encodedKey == null) {
@@ -115,7 +114,7 @@ public Key retrievePublicKey() throws
                 .generatePublic(new X509EncodedKeySpec(publicKey));
     }
 
-    public Key retrievePrivateKey() throws
+    private Key retrievePrivateKey() throws
             GeneralSecurityException, IOException {
         KeyStore ks = KeyStore.getInstance(PROVIDER_NAME);
         ks.load(null);
diff --git a/gradle.properties b/gradle.properties
new file mode 100644
index 0000000..5465fec
--- /dev/null
+++ b/gradle.properties
@@ -0,0 +1,2 @@
+android.enableJetifier=true
+android.useAndroidX=true
\ No newline at end of file

From fc22e824fde0ef49971c014a9524ef092dbde98a Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Tue, 4 Jun 2019 13:36:21 -0700
Subject: [PATCH 10/14] +androidx

---
 app/build.gradle                              |  4 +++
 app/src/main/AndroidManifest.xml              | 28 +++++++++++--------
 .../android/securenote/GetPasswordDialog.java |  9 +++---
 .../securenote/SecureNoteActivity.java        | 14 +++++-----
 gradle.properties                             |  2 ++
 5 files changed, 35 insertions(+), 22 deletions(-)
 create mode 100644 gradle.properties

diff --git a/app/build.gradle b/app/build.gradle
index 74cc34f..d40b3f9 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -16,3 +16,7 @@ android {
         }
     }
 }
+
+dependencies {
+    implementation 'androidx.appcompat:appcompat:1.0.0'
+}
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 3aeb86d..7742338 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -1,15 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
-	package="com.example.android.securenote">
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.example.android.securenote">
 
-	<application android:icon="@mipmap/ic_launcher"
-		android:label="@string/app_name">
-		<activity android:name=".SecureNoteActivity"
-			android:label="@string/app_name">
-			<intent-filter>
-				<action android:name="android.intent.action.MAIN" />
-				<category android:name="android.intent.category.LAUNCHER" />
-			</intent-filter>
-		</activity>
-	</application>
+    <application
+        android:allowBackup="true"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:theme="@style/Theme.AppCompat"
+        tools:ignore="GoogleAppIndexingWarning">
+        <activity
+            android:name=".SecureNoteActivity"
+            android:label="@string/app_name">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+    </application>
 </manifest>
\ No newline at end of file
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
index e559cfb..1c4d23a 100644
--- a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
@@ -2,7 +2,6 @@
 package com.example.android.securenote;
 
 import android.app.Activity;
-import android.app.DialogFragment;
 import android.os.Bundle;
 import android.text.Editable;
 import android.text.TextWatcher;
@@ -14,13 +13,15 @@
 import android.widget.Button;
 import android.widget.EditText;
 
+import androidx.fragment.app.DialogFragment;
+
 public class GetPasswordDialog extends DialogFragment implements
         OnClickListener, TextWatcher {
     private static final String TAG = GetPasswordDialog.class.getSimpleName();
 
-    public static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
-    public static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
-    public static final String REQUEST_PARAM = "requestType";
+    private static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
+    private static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
+    private static final String REQUEST_PARAM = "requestType";
 
     public static GetPasswordDialog newInstance(int requestType,
                                                 int minPasswordLength,
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
index ac46782..0c91047 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
@@ -1,15 +1,12 @@
 
 package com.example.android.securenote;
 
-import java.io.InputStream;
-import java.io.OutputStream;
-
 import android.annotation.SuppressLint;
-import android.app.Activity;
-import android.app.AlertDialog;
 import android.content.DialogInterface;
 import android.os.AsyncTask;
 import android.os.Bundle;
+import androidx.appcompat.app.AlertDialog;
+import androidx.appcompat.app.AppCompatActivity;
 import android.text.Editable;
 import android.text.TextWatcher;
 import android.util.Log;
@@ -26,7 +23,10 @@
 import com.example.android.securenote.crypto.PasswordEncryptor;
 import com.example.android.securenote.crypto.RSAHardwareEncryptor;
 
-public class SecureNoteActivity extends Activity implements
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class SecureNoteActivity extends AppCompatActivity implements
         OnClickListener, TextWatcher, GetPasswordDialog.OnPasswordListener {
     private static final String TAG = SecureNoteActivity.class.getSimpleName();
 
@@ -101,7 +101,7 @@ private void getPassword(int requestCode, boolean verifyPasswords) {
         Log.d(TAG, "Getting password");
         GetPasswordDialog dialog = GetPasswordDialog.newInstance(requestCode,
                 6, verifyPasswords);
-        dialog.show(getFragmentManager(),
+        dialog.show(getSupportFragmentManager(),
                 GetPasswordDialog.class.getSimpleName());
     }
 
diff --git a/gradle.properties b/gradle.properties
new file mode 100644
index 0000000..5465fec
--- /dev/null
+++ b/gradle.properties
@@ -0,0 +1,2 @@
+android.enableJetifier=true
+android.useAndroidX=true
\ No newline at end of file

From 513f9b10ece5d28699e363ce2c9b053f7af9b2a1 Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Sat, 18 Jul 2020 14:53:44 -0700
Subject: [PATCH 11/14] Android 10 fixes

---
 app/build.gradle                         | 6 +++---
 build.gradle                             | 2 +-
 gradle/wrapper/gradle-wrapper.properties | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/app/build.gradle b/app/build.gradle
index d40b3f9..bbfcdea 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,12 +1,12 @@
 apply plugin: 'com.android.application'
 
 android {
-    compileSdkVersion 28
+    compileSdkVersion 29
 
     defaultConfig {
         applicationId "com.example.android.securenote"
         minSdkVersion 19
-        targetSdkVersion 28
+        targetSdkVersion 29
     }
 
     buildTypes {
@@ -18,5 +18,5 @@ android {
 }
 
 dependencies {
-    implementation 'androidx.appcompat:appcompat:1.0.0'
+    implementation 'androidx.appcompat:appcompat:1.1.0'
 }
diff --git a/build.gradle b/build.gradle
index fd232e5..05357a1 100644
--- a/build.gradle
+++ b/build.gradle
@@ -5,7 +5,7 @@ buildscript {
         jcenter()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.4.1'
+        classpath 'com.android.tools.build:gradle:4.0.1'
     }
 }
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 2457641..9a6d613 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Mon Jun 03 11:29:47 PDT 2019
+#Sat Jul 18 14:52:08 PDT 2020
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip

From aee50402a5ee9aa1ef428049867b9e07583abc03 Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Fri, 23 Jul 2021 10:31:16 -0700
Subject: [PATCH 12/14] Squashed commit of the following:

commit 034719217fbfb15dceca2158e5e867aa638421e5
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Fri Jul 23 10:29:33 2021 -0700

    API-31

commit b3b140e83112047e7cae25dfe4b8699ac0cff5dc
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 22:56:23 2021 -0700

    Update RSAHardwareEncryptor.kt

commit 08de5b55c5f59d3f90b48d7cf7012260f25ce33c
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 22:54:13 2021 -0700

    Update RSAHardwareEncryptor.kt

commit a95734099db112bae40d9f6de0517c8a60b9fc3d
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 21:14:52 2021 -0700

    Update RSAHardwareEncryptor.kt

commit 23858f68be0504448676d9046024d88ad3eb1636
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:31:38 2021 -0700

    Update PasswordEncryptor.kt

commit b0d4ba2ca4ce1a8dc2a458a2d7bdce29a3c2982b
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:27:22 2021 -0700

    Update build.gradle

commit 2b07c4b339a8e3b75ddf5fb4aa2588a802144682
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:24:21 2021 -0700

    Update SecureNoteActivity.kt

commit f5a53c5c27eea36a4f80a85e5069cc779acef0b2
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:17:04 2021 -0700

    Update SecureNoteActivity.kt

commit 78125faa24fe80b798eda2c3aee401f306c471ab
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:12:53 2021 -0700

    Update GetPasswordDialog.kt

commit 4f98ca7e91ddf364baba0e39bdae0820a20da3bf
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 16:35:57 2021 -0700

    remove

commit edad8cc651a239045c29f57d0dd5a7f445473b98
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:40:20 2021 -0700

    Update SecureNoteActivity.kt

commit 55c3e3205ec2d577d95a9788992143d4419109b0
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:28:09 2021 -0700

    API-30 + Jetpack Security

commit 21f90594eead5346b72c9a391826a46fcbad5f63
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Sat Jul 18 15:00:22 2020 -0700

    Android 10 update

commit b5a7fb9ff95527117bc4c8f1269edc55cfff57e9
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Tue Jun 4 13:37:45 2019 -0700

    Update AndroidManifest.xml

commit c3e14b10d9cea95dc2b36eadd1db0608d59c84f2
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jun 3 13:10:12 2019 -0700

    added kotlin support
---
 Module_Secure_Storage.html                    | 3611 -----------
 Module_Secure_Storage_Slides.html             | 5535 -----------------
 README.asciidoc                               |    4 +-
 app/build.gradle                              |   24 +-
 .../android/securenote/GetPasswordDialog.java |  152 -
 .../android/securenote/GetPasswordDialog.kt   |  148 +
 .../securenote/SecureNoteActivity.java        |  260 -
 .../android/securenote/SecureNoteActivity.kt  |  220 +
 ...ordEncryptor.java => PasswordEncryptor.kt} |   97 +-
 .../crypto/RSAHardwareEncryptor.java          |  175 -
 .../securenote/crypto/RSAHardwareEncryptor.kt |  170 +
 app/src/main/res/values/strings.xml           |    3 +
 build.gradle                                  |    8 +-
 gradle/wrapper/gradle-wrapper.properties      |    6 +-
 14 files changed, 618 insertions(+), 9795 deletions(-)
 delete mode 100644 Module_Secure_Storage.html
 delete mode 100644 Module_Secure_Storage_Slides.html
 delete mode 100644 app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
 create mode 100644 app/src/main/java/com/example/android/securenote/GetPasswordDialog.kt
 delete mode 100644 app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
 create mode 100644 app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
 rename app/src/main/java/com/example/android/securenote/crypto/{PasswordEncryptor.java => PasswordEncryptor.kt} (50%)
 delete mode 100644 app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
 create mode 100644 app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt

diff --git a/Module_Secure_Storage.html b/Module_Secure_Storage.html
deleted file mode 100644
index 6afd50f..0000000
--- a/Module_Secure_Storage.html
+++ /dev/null
@@ -1,3611 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<meta name="generator" content="AsciiDoc 8.6.8">
-<title>Secure Application Storage</title>
-<style type="text/css">
-/* Shared CSS for AsciiDoc xhtml11 and html5 backends */
-
-/* Default font. */
-body {
-  font-family: Georgia,serif;
-}
-
-/* Title font. */
-h1, h2, h3, h4, h5, h6,
-div.title, caption.title,
-thead, p.table.header,
-#toctitle,
-#author, #revnumber, #revdate, #revremark,
-#footer {
-  font-family: Arial,Helvetica,sans-serif;
-}
-
-body {
-  margin: 1em 5% 1em 5%;
-}
-
-a {
-  color: blue;
-  text-decoration: underline;
-}
-a:visited {
-  color: fuchsia;
-}
-
-em {
-  font-style: italic;
-  color: navy;
-}
-
-strong {
-  font-weight: bold;
-  color: #083194;
-}
-
-h1, h2, h3, h4, h5, h6 {
-  color: #527bbd;
-  margin-top: 1.2em;
-  margin-bottom: 0.5em;
-  line-height: 1.3;
-}
-
-h1, h2, h3 {
-  border-bottom: 2px solid silver;
-}
-h2 {
-  padding-top: 0.5em;
-}
-h3 {
-  float: left;
-}
-h3 + * {
-  clear: left;
-}
-h5 {
-  font-size: 1.0em;
-}
-
-div.sectionbody {
-  margin-left: 0;
-}
-
-hr {
-  border: 1px solid silver;
-}
-
-p {
-  margin-top: 0.5em;
-  margin-bottom: 0.5em;
-}
-
-ul, ol, li > p {
-  margin-top: 0;
-}
-ul > li     { color: #aaa; }
-ul > li > * { color: black; }
-
-.monospaced, code, pre {
-  font-family: "Courier New", Courier, monospace;
-  font-size: inherit;
-  color: navy;
-  padding: 0;
-  margin: 0;
-}
-
-
-#author {
-  color: #527bbd;
-  font-weight: bold;
-  font-size: 1.1em;
-}
-#email {
-}
-#revnumber, #revdate, #revremark {
-}
-
-#footer {
-  font-size: small;
-  border-top: 2px solid silver;
-  padding-top: 0.5em;
-  margin-top: 4.0em;
-}
-#footer-text {
-  float: left;
-  padding-bottom: 0.5em;
-}
-#footer-badges {
-  float: right;
-  padding-bottom: 0.5em;
-}
-
-#preamble {
-  margin-top: 1.5em;
-  margin-bottom: 1.5em;
-}
-div.imageblock, div.exampleblock, div.verseblock,
-div.quoteblock, div.literalblock, div.listingblock, div.sidebarblock,
-div.admonitionblock {
-  margin-top: 1.0em;
-  margin-bottom: 1.5em;
-}
-div.admonitionblock {
-  margin-top: 2.0em;
-  margin-bottom: 2.0em;
-  margin-right: 10%;
-  color: #606060;
-}
-
-div.content { /* Block element content. */
-  padding: 0;
-}
-
-/* Block element titles. */
-div.title, caption.title {
-  color: #527bbd;
-  font-weight: bold;
-  text-align: left;
-  margin-top: 1.0em;
-  margin-bottom: 0.5em;
-}
-div.title + * {
-  margin-top: 0;
-}
-
-td div.title:first-child {
-  margin-top: 0.0em;
-}
-div.content div.title:first-child {
-  margin-top: 0.0em;
-}
-div.content + div.title {
-  margin-top: 0.0em;
-}
-
-div.sidebarblock > div.content {
-  background: #ffffee;
-  border: 1px solid #dddddd;
-  border-left: 4px solid #f0f0f0;
-  padding: 0.5em;
-}
-
-div.listingblock > div.content {
-  border: 1px solid #dddddd;
-  border-left: 5px solid #f0f0f0;
-  background: #f8f8f8;
-  padding: 0.5em;
-}
-
-div.quoteblock, div.verseblock {
-  padding-left: 1.0em;
-  margin-left: 1.0em;
-  margin-right: 10%;
-  border-left: 5px solid #f0f0f0;
-  color: #888;
-}
-
-div.quoteblock > div.attribution {
-  padding-top: 0.5em;
-  text-align: right;
-}
-
-div.verseblock > pre.content {
-  font-family: inherit;
-  font-size: inherit;
-}
-div.verseblock > div.attribution {
-  padding-top: 0.75em;
-  text-align: left;
-}
-/* DEPRECATED: Pre version 8.2.7 verse style literal block. */
-div.verseblock + div.attribution {
-  text-align: left;
-}
-
-div.admonitionblock .icon {
-  vertical-align: top;
-  font-size: 1.1em;
-  font-weight: bold;
-  text-decoration: underline;
-  color: #527bbd;
-  padding-right: 0.5em;
-}
-div.admonitionblock td.content {
-  padding-left: 0.5em;
-  border-left: 3px solid #dddddd;
-}
-
-div.exampleblock > div.content {
-  border-left: 3px solid #dddddd;
-  padding-left: 0.5em;
-}
-
-div.imageblock div.content { padding-left: 0; }
-span.image img { border-style: none; }
-a.image:visited { color: white; }
-
-dl {
-  margin-top: 0.8em;
-  margin-bottom: 0.8em;
-}
-dt {
-  margin-top: 0.5em;
-  margin-bottom: 0;
-  font-style: normal;
-  color: navy;
-}
-dd > *:first-child {
-  margin-top: 0.1em;
-}
-
-ul, ol {
-    list-style-position: outside;
-}
-ol.arabic {
-  list-style-type: decimal;
-}
-ol.loweralpha {
-  list-style-type: lower-alpha;
-}
-ol.upperalpha {
-  list-style-type: upper-alpha;
-}
-ol.lowerroman {
-  list-style-type: lower-roman;
-}
-ol.upperroman {
-  list-style-type: upper-roman;
-}
-
-div.compact ul, div.compact ol,
-div.compact p, div.compact p,
-div.compact div, div.compact div {
-  margin-top: 0.1em;
-  margin-bottom: 0.1em;
-}
-
-tfoot {
-  font-weight: bold;
-}
-td > div.verse {
-  white-space: pre;
-}
-
-div.hdlist {
-  margin-top: 0.8em;
-  margin-bottom: 0.8em;
-}
-div.hdlist tr {
-  padding-bottom: 15px;
-}
-dt.hdlist1.strong, td.hdlist1.strong {
-  font-weight: bold;
-}
-td.hdlist1 {
-  vertical-align: top;
-  font-style: normal;
-  padding-right: 0.8em;
-  color: navy;
-}
-td.hdlist2 {
-  vertical-align: top;
-}
-div.hdlist.compact tr {
-  margin: 0;
-  padding-bottom: 0;
-}
-
-.comment {
-  background: yellow;
-}
-
-.footnote, .footnoteref {
-  font-size: 0.8em;
-}
-
-span.footnote, span.footnoteref {
-  vertical-align: super;
-}
-
-#footnotes {
-  margin: 20px 0 20px 0;
-  padding: 7px 0 0 0;
-}
-
-#footnotes div.footnote {
-  margin: 0 0 5px 0;
-}
-
-#footnotes hr {
-  border: none;
-  border-top: 1px solid silver;
-  height: 1px;
-  text-align: left;
-  margin-left: 0;
-  width: 20%;
-  min-width: 100px;
-}
-
-div.colist td {
-  padding-right: 0.5em;
-  padding-bottom: 0.3em;
-  vertical-align: top;
-}
-div.colist td img {
-  margin-top: 0.3em;
-}
-
-@media print {
-  #footer-badges { display: none; }
-}
-
-#toc {
-  margin-bottom: 2.5em;
-}
-
-#toctitle {
-  color: #527bbd;
-  font-size: 1.1em;
-  font-weight: bold;
-  margin-top: 1.0em;
-  margin-bottom: 0.1em;
-}
-
-div.toclevel0, div.toclevel1, div.toclevel2, div.toclevel3, div.toclevel4 {
-  margin-top: 0;
-  margin-bottom: 0;
-}
-div.toclevel2 {
-  margin-left: 2em;
-  font-size: 0.9em;
-}
-div.toclevel3 {
-  margin-left: 4em;
-  font-size: 0.9em;
-}
-div.toclevel4 {
-  margin-left: 6em;
-  font-size: 0.9em;
-}
-
-span.aqua { color: aqua; }
-span.black { color: black; }
-span.blue { color: blue; }
-span.fuchsia { color: fuchsia; }
-span.gray { color: gray; }
-span.green { color: green; }
-span.lime { color: lime; }
-span.maroon { color: maroon; }
-span.navy { color: navy; }
-span.olive { color: olive; }
-span.purple { color: purple; }
-span.red { color: red; }
-span.silver { color: silver; }
-span.teal { color: teal; }
-span.white { color: white; }
-span.yellow { color: yellow; }
-
-span.aqua-background { background: aqua; }
-span.black-background { background: black; }
-span.blue-background { background: blue; }
-span.fuchsia-background { background: fuchsia; }
-span.gray-background { background: gray; }
-span.green-background { background: green; }
-span.lime-background { background: lime; }
-span.maroon-background { background: maroon; }
-span.navy-background { background: navy; }
-span.olive-background { background: olive; }
-span.purple-background { background: purple; }
-span.red-background { background: red; }
-span.silver-background { background: silver; }
-span.teal-background { background: teal; }
-span.white-background { background: white; }
-span.yellow-background { background: yellow; }
-
-span.big { font-size: 2em; }
-span.small { font-size: 0.6em; }
-
-span.underline { text-decoration: underline; }
-span.overline { text-decoration: overline; }
-span.line-through { text-decoration: line-through; }
-
-div.unbreakable { page-break-inside: avoid; }
-
-
-/*
- * xhtml11 specific
- *
- * */
-
-div.tableblock {
-  margin-top: 1.0em;
-  margin-bottom: 1.5em;
-}
-div.tableblock > table {
-  border: 3px solid #527bbd;
-}
-thead, p.table.header {
-  font-weight: bold;
-  color: #527bbd;
-}
-p.table {
-  margin-top: 0;
-}
-/* Because the table frame attribute is overriden by CSS in most browsers. */
-div.tableblock > table[frame="void"] {
-  border-style: none;
-}
-div.tableblock > table[frame="hsides"] {
-  border-left-style: none;
-  border-right-style: none;
-}
-div.tableblock > table[frame="vsides"] {
-  border-top-style: none;
-  border-bottom-style: none;
-}
-
-
-/*
- * html5 specific
- *
- * */
-
-table.tableblock {
-  margin-top: 1.0em;
-  margin-bottom: 1.5em;
-}
-thead, p.tableblock.header {
-  font-weight: bold;
-  color: #527bbd;
-}
-p.tableblock {
-  margin-top: 0;
-}
-table.tableblock {
-  border-width: 3px;
-  border-spacing: 0px;
-  border-style: solid;
-  border-color: #527bbd;
-  border-collapse: collapse;
-}
-th.tableblock, td.tableblock {
-  border-width: 1px;
-  padding: 4px;
-  border-style: solid;
-  border-color: #527bbd;
-}
-
-table.tableblock.frame-topbot {
-  border-left-style: hidden;
-  border-right-style: hidden;
-}
-table.tableblock.frame-sides {
-  border-top-style: hidden;
-  border-bottom-style: hidden;
-}
-table.tableblock.frame-none {
-  border-style: hidden;
-}
-
-th.tableblock.halign-left, td.tableblock.halign-left {
-  text-align: left;
-}
-th.tableblock.halign-center, td.tableblock.halign-center {
-  text-align: center;
-}
-th.tableblock.halign-right, td.tableblock.halign-right {
-  text-align: right;
-}
-
-th.tableblock.valign-top, td.tableblock.valign-top {
-  vertical-align: top;
-}
-th.tableblock.valign-middle, td.tableblock.valign-middle {
-  vertical-align: middle;
-}
-th.tableblock.valign-bottom, td.tableblock.valign-bottom {
-  vertical-align: bottom;
-}
-
-
-/*
- * manpage specific
- *
- * */
-
-body.manpage h1 {
-  padding-top: 0.5em;
-  padding-bottom: 0.5em;
-  border-top: 2px solid silver;
-  border-bottom: 2px solid silver;
-}
-body.manpage h2 {
-  border-style: none;
-}
-body.manpage div.sectionbody {
-  margin-left: 3em;
-}
-
-@media print {
-  body.manpage div#toc { display: none; }
-}
-/*
-  pygmentize filter
-*/
-.highlight .hll { background-color: #ffffcc }
-.highlight  { background: #f4f4f4; }
-.highlight .c { color: #008800; font-style: italic } /* Comment */
-.highlight .err { border: 1px solid #FF0000 } /* Error */
-.highlight .k { color: #AA22FF; font-weight: bold } /* Keyword */
-.highlight .o { color: #666666 } /* Operator */
-.highlight .cm { color: #008800; font-style: italic } /* Comment.Multiline */
-.highlight .cp { color: #008800 } /* Comment.Preproc */
-.highlight .c1 { color: #008800; font-style: italic } /* Comment.Single */
-.highlight .cs { color: #008800; font-weight: bold } /* Comment.Special */
-.highlight .gd { color: #A00000 } /* Generic.Deleted */
-.highlight .ge { font-style: italic } /* Generic.Emph */
-.highlight .gr { color: #FF0000 } /* Generic.Error */
-.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
-.highlight .gi { color: #00A000 } /* Generic.Inserted */
-.highlight .go { color: #808080 } /* Generic.Output */
-.highlight .gp { color: #000080; font-weight: bold } /* Generic.Prompt */
-.highlight .gs { font-weight: bold } /* Generic.Strong */
-.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
-.highlight .gt { color: #0040D0 } /* Generic.Traceback */
-.highlight .kc { color: #AA22FF; font-weight: bold } /* Keyword.Constant */
-.highlight .kd { color: #AA22FF; font-weight: bold } /* Keyword.Declaration */
-.highlight .kn { color: #AA22FF; font-weight: bold } /* Keyword.Namespace */
-.highlight .kp { color: #AA22FF } /* Keyword.Pseudo */
-.highlight .kr { color: #AA22FF; font-weight: bold } /* Keyword.Reserved */
-.highlight .kt { color: #00BB00; font-weight: bold } /* Keyword.Type */
-.highlight .m { color: #666666 } /* Literal.Number */
-.highlight .s { color: #BB4444 } /* Literal.String */
-.highlight .na { color: #BB4444 } /* Name.Attribute */
-.highlight .nb { color: #AA22FF } /* Name.Builtin */
-.highlight .nc { color: #0000FF } /* Name.Class */
-.highlight .no { color: #880000 } /* Name.Constant */
-.highlight .nd { color: #AA22FF } /* Name.Decorator */
-.highlight .ni { color: #999999; font-weight: bold } /* Name.Entity */
-.highlight .ne { color: #D2413A; font-weight: bold } /* Name.Exception */
-.highlight .nf { color: #00A000 } /* Name.Function */
-.highlight .nl { color: #A0A000 } /* Name.Label */
-.highlight .nn { color: #0000FF; font-weight: bold } /* Name.Namespace */
-.highlight .nt { color: #008000; font-weight: bold } /* Name.Tag */
-.highlight .nv { color: #B8860B } /* Name.Variable */
-.highlight .ow { color: #AA22FF; font-weight: bold } /* Operator.Word */
-.highlight .w { color: #bbbbbb } /* Text.Whitespace */
-.highlight .mf { color: #666666 } /* Literal.Number.Float */
-.highlight .mh { color: #666666 } /* Literal.Number.Hex */
-.highlight .mi { color: #666666 } /* Literal.Number.Integer */
-.highlight .mo { color: #666666 } /* Literal.Number.Oct */
-.highlight .sb { color: #BB4444 } /* Literal.String.Backtick */
-.highlight .sc { color: #BB4444 } /* Literal.String.Char */
-.highlight .sd { color: #BB4444; font-style: italic } /* Literal.String.Doc */
-.highlight .s2 { color: #BB4444 } /* Literal.String.Double */
-.highlight .se { color: #BB6622; font-weight: bold } /* Literal.String.Escape */
-.highlight .sh { color: #BB4444 } /* Literal.String.Heredoc */
-.highlight .si { color: #BB6688; font-weight: bold } /* Literal.String.Interpol */
-.highlight .sx { color: #008000 } /* Literal.String.Other */
-.highlight .sr { color: #BB6688 } /* Literal.String.Regex */
-.highlight .s1 { color: #BB4444 } /* Literal.String.Single */
-.highlight .ss { color: #B8860B } /* Literal.String.Symbol */
-.highlight .bp { color: #AA22FF } /* Name.Builtin.Pseudo */
-.highlight .vc { color: #B8860B } /* Name.Variable.Class */
-.highlight .vg { color: #B8860B } /* Name.Variable.Global */
-.highlight .vi { color: #B8860B } /* Name.Variable.Instance */
-.highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
-
-
-
-</style>
-<script type="text/javascript">
-/*<![CDATA[*/
-var asciidoc = {  // Namespace.
-
-/////////////////////////////////////////////////////////////////////
-// Table Of Contents generator
-/////////////////////////////////////////////////////////////////////
-
-/* Author: Mihai Bazon, September 2002
- * http://students.infoiasi.ro/~mishoo
- *
- * Table Of Content generator
- * Version: 0.4
- *
- * Feel free to use this script under the terms of the GNU General Public
- * License, as long as you do not remove or alter this notice.
- */
-
- /* modified by Troy D. Hanson, September 2006. License: GPL */
- /* modified by Stuart Rackham, 2006, 2009. License: GPL */
-
-// toclevels = 1..4.
-toc: function (toclevels) {
-
-  function getText(el) {
-    var text = "";
-    for (var i = el.firstChild; i != null; i = i.nextSibling) {
-      if (i.nodeType == 3 /* Node.TEXT_NODE */) // IE doesn't speak constants.
-        text += i.data;
-      else if (i.firstChild != null)
-        text += getText(i);
-    }
-    return text;
-  }
-
-  function TocEntry(el, text, toclevel) {
-    this.element = el;
-    this.text = text;
-    this.toclevel = toclevel;
-  }
-
-  function tocEntries(el, toclevels) {
-    var result = new Array;
-    var re = new RegExp('[hH]([1-'+(toclevels+1)+'])');
-    // Function that scans the DOM tree for header elements (the DOM2
-    // nodeIterator API would be a better technique but not supported by all
-    // browsers).
-    var iterate = function (el) {
-      for (var i = el.firstChild; i != null; i = i.nextSibling) {
-        if (i.nodeType == 1 /* Node.ELEMENT_NODE */) {
-          var mo = re.exec(i.tagName);
-          if (mo && (i.getAttribute("class") || i.getAttribute("className")) != "float") {
-            result[result.length] = new TocEntry(i, getText(i), mo[1]-1);
-          }
-          iterate(i);
-        }
-      }
-    }
-    iterate(el);
-    return result;
-  }
-
-  var toc = document.getElementById("toc");
-  if (!toc) {
-    return;
-  }
-
-  // Delete existing TOC entries in case we're reloading the TOC.
-  var tocEntriesToRemove = [];
-  var i;
-  for (i = 0; i < toc.childNodes.length; i++) {
-    var entry = toc.childNodes[i];
-    if (entry.nodeName.toLowerCase() == 'div'
-     && entry.getAttribute("class")
-     && entry.getAttribute("class").match(/^toclevel/))
-      tocEntriesToRemove.push(entry);
-  }
-  for (i = 0; i < tocEntriesToRemove.length; i++) {
-    toc.removeChild(tocEntriesToRemove[i]);
-  }
-
-  // Rebuild TOC entries.
-  var entries = tocEntries(document.getElementById("content"), toclevels);
-  for (var i = 0; i < entries.length; ++i) {
-    var entry = entries[i];
-    if (entry.element.id == "")
-      entry.element.id = "_toc_" + i;
-    var a = document.createElement("a");
-    a.href = "#" + entry.element.id;
-    a.appendChild(document.createTextNode(entry.text));
-    var div = document.createElement("div");
-    div.appendChild(a);
-    div.className = "toclevel" + entry.toclevel;
-    toc.appendChild(div);
-  }
-  if (entries.length == 0)
-    toc.parentNode.removeChild(toc);
-},
-
-
-/////////////////////////////////////////////////////////////////////
-// Footnotes generator
-/////////////////////////////////////////////////////////////////////
-
-/* Based on footnote generation code from:
- * http://www.brandspankingnew.net/archive/2005/07/format_footnote.html
- */
-
-footnotes: function () {
-  // Delete existing footnote entries in case we're reloading the footnodes.
-  var i;
-  var noteholder = document.getElementById("footnotes");
-  if (!noteholder) {
-    return;
-  }
-  var entriesToRemove = [];
-  for (i = 0; i < noteholder.childNodes.length; i++) {
-    var entry = noteholder.childNodes[i];
-    if (entry.nodeName.toLowerCase() == 'div' && entry.getAttribute("class") == "footnote")
-      entriesToRemove.push(entry);
-  }
-  for (i = 0; i < entriesToRemove.length; i++) {
-    noteholder.removeChild(entriesToRemove[i]);
-  }
-
-  // Rebuild footnote entries.
-  var cont = document.getElementById("content");
-  var spans = cont.getElementsByTagName("span");
-  var refs = {};
-  var n = 0;
-  for (i=0; i<spans.length; i++) {
-    if (spans[i].className == "footnote") {
-      n++;
-      var note = spans[i].getAttribute("data-note");
-      if (!note) {
-        // Use [\s\S] in place of . so multi-line matches work.
-        // Because JavaScript has no s (dotall) regex flag.
-        note = spans[i].innerHTML.match(/\s*\[([\s\S]*)]\s*/)[1];
-        spans[i].innerHTML =
-          "[<a id='_footnoteref_" + n + "' href='#_footnote_" + n +
-          "' title='View footnote' class='footnote'>" + n + "</a>]";
-        spans[i].setAttribute("data-note", note);
-      }
-      noteholder.innerHTML +=
-        "<div class='footnote' id='_footnote_" + n + "'>" +
-        "<a href='#_footnoteref_" + n + "' title='Return to text'>" +
-        n + "</a>. " + note + "</div>";
-      var id =spans[i].getAttribute("id");
-      if (id != null) refs["#"+id] = n;
-    }
-  }
-  if (n == 0)
-    noteholder.parentNode.removeChild(noteholder);
-  else {
-    // Process footnoterefs.
-    for (i=0; i<spans.length; i++) {
-      if (spans[i].className == "footnoteref") {
-        var href = spans[i].getElementsByTagName("a")[0].getAttribute("href");
-        href = href.match(/#.*/)[0];  // Because IE return full URL.
-        n = refs[href];
-        spans[i].innerHTML =
-          "[<a href='#_footnote_" + n +
-          "' title='View footnote' class='footnote'>" + n + "</a>]";
-      }
-    }
-  }
-},
-
-install: function(toclevels) {
-  var timerId;
-
-  function reinstall() {
-    asciidoc.footnotes();
-    if (toclevels) {
-      asciidoc.toc(toclevels);
-    }
-  }
-
-  function reinstallAndRemoveTimer() {
-    clearInterval(timerId);
-    reinstall();
-  }
-
-  timerId = setInterval(reinstall, 500);
-  if (document.addEventListener)
-    document.addEventListener("DOMContentLoaded", reinstallAndRemoveTimer, false);
-  else
-    window.onload = reinstallAndRemoveTimer;
-}
-
-}
-asciidoc.install(2);
-/*]]>*/
-</script>
-</head>
-<body class="article">
-<div id="header">
-<h1>Secure Application Storage</h1>
-<div id="toc">
-  <noscript><p><b>JavaScript must be enabled in your browser to display the table of contents.</b></p></noscript>
-</div>
-</div>
-<div id="content">
-<div id="preamble">
-<div class="sectionbody">
-<div class="paragraph"><p>Objective: By the end of this module, you will be able<br>
-protect data saved on the file system and understand what to persist.</p></div>
-<div class="paragraph"><p></p></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_review_questions">1. Review Questions</h2>
-<div class="sectionbody">
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Name three of the primary APIs for persisting data in Android.
-</p>
-</li>
-<li>
-<p>
-Why is it a bad idea hard-code secret keys in your application code?
-</p>
-</li>
-<li>
-<p>
-What is the preferred method of generating a unique ID for your application user?
-</p>
-</li>
-<li>
-<p>
-what is the one type of persisted data that cannot be (directly) encrypted?
-</p>
-</li>
-<li>
-<p>
-What is the name of the package that provides encryption for SQLite?
-</p>
-</li>
-<li>
-<p>
-What is the primary advantage of the accounts framework?
-</p>
-</li>
-<li>
-<p>
-Is password-based encryption symmetric or asymmetric? What does that mean?
-</p>
-</li>
-<li>
-<p>
-What is the difference between the system KeyChain and the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-When is it safe to persist an encryption key in the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-How do we check if the device supports this?
-</p>
-</li>
-</ol></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_storage">2. Storage</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Improper storage of data is a simple problem to resolve, if handled from the start
-</p>
-</li>
-<li>
-<p>
-Mobile devices are different than traditional computing systems
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Physical device access is <strong>easy</strong> to achieve
-</p>
-</li>
-<li>
-<p>
-Once physical access is available, device can be rooted, flashed, etc.
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-You <em>must</em> assume that once data is <strong>stored</strong> on the device it is vulnerable!
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-For typical users, this is usually not a problem
-</p>
-</li>
-<li>
-<p>
-Malicious users are <strong>not</strong> typical users!
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Once a device has been rooted, re-ROM&#8217;d, etc. the malicious user can read/write anywhere they want
-</p>
-<div class="paragraph"><p><em>The question to ask: what does my app really need to store?</em></p></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-The general rule of thumb: store only what you <em>absolutely require</em>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-This can mean many things: tokens/keys to access APIs, user credentials, authentication tokens
-</p>
-</li>
-<li>
-<p>
-It boils down to propery managing sensitive data
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-If you must store sensitive data, have a plan to do so in a way with minimized risk
-</p>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_storage_apis">3. Storage APIs</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-File access
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">Context</span> provides a number of helper APIs
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">Context.openFileInput()</span> opens a private file for reading
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">Context.openFileOutput()</span> opens a private file for writing
-</p>
-</li>
-<li>
-<p>
-Private files are tied to the app package, located in its private sandbox
-</p>
-</li>
-<li>
-<p>
-There are additional APIs for cache files
-</p>
-</li>
-<li>
-<p>
-"External storage" is also available, with a package private area
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Standard Java <span class="monospaced">File</span> class and related APIs available
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">Context</span> provides APIs to help get package private paths (<span class="monospaced">getDir()</span>, <span class="monospaced">getCacheDir()</span>, <span class="monospaced">getExternalCacheDir()</span>, <span class="monospaced">getExternalFilesDir()</span>, <span class="monospaced">getFilesDir()</span>)
-</p>
-</li>
-<li>
-<p>
-Apps should not assume any specific filesystem paths or mount points
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Opaque Binary Blobs (OBB)
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-App specific file container
-</p>
-</li>
-<li>
-<p>
-Can be encrypted
-</p>
-</li>
-<li>
-<p>
-App manages the download / mount of the containers
-</p>
-</li>
-<li>
-<p>
-Useful for large data sets (graphics, assets)
-</p>
-</li>
-<li>
-<p>
-Use <span class="monospaced">StorageManager</span> to mount then access
-</p>
-</li>
-<li>
-<p>
-Cannot <strong>create</strong> new OBBs on the device, just access existing ones
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-<span class="monospaced">SharedPreferences</span>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-File backed storage of key-value pair data
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Keys are <span class="monospaced">String</span> objects, values can be primitives, <span class="monospaced">String</span> or <span class="monospaced">Set&lt;String&gt;</span>
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-App controls what data is stored and meaning
-</p>
-</li>
-<li>
-<p>
-Default for the app is tied to the package name
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Default name can be overridden
-</p>
-</li>
-<li>
-<p>
-Can use multiple <span class="monospaced">SharedPreferences</span> for the same app
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Data is not encrypted, simple string based lookup
-</p>
-</li>
-<li>
-<p>
-Can be used by multiple threads (clients), modifications go through <span class="monospaced">SharedPreferences.Editor</span>
-</p>
-</li>
-<li>
-<p>
-Does not support multi-process access
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-SQLite Databases
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-SQLite databases can be used for app specific storage
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Accessible to any component in your app, but (generally) not outside your app
-</p>
-</li>
-<li>
-<p>
-Backed by private file within the sandbox
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Recommended use is via <span class="monospaced">SQLiteOpenHelper</span> class to help manage creation, updates
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Use <span class="monospaced">SQLiteOpenHelper.getWriteableDatabase()</span> and <span class="monospaced">SQLiteOpenHelper.getReadableDatabase()</span> to get a <span class="monospaced">SQLiteDatabase</span> object to call <span class="monospaced">query()</span>, etc. against
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">query()</span> calls return <span class="monospaced">Cursor</span> objects which points to the rows found by the query
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_user_authentication">4. User Authentication</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-User authentication is used for access to user specific data in the app
-</p>
-</li>
-<li>
-<p>
-Best Practices for storage depends on app and credentials
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-BP#1: Certificate/key based credentials
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Leverage Android&#8217;s credential storage to securely track
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-See <a href="http://developer.android.com/reference/android/security/KeyChain.html"><span class="monospaced">KeyChain</span></a>
-and <a href="https://developer.android.com/training/articles/keystore.html"><span class="monospaced">AndroidKeyStore</span></a> provider
-with <a href="http://developer.android.com/reference/java/security/KeyStore.html"><span class="monospaced">KeyStore</span></a> (Android 4.3 and newer)
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-<em>DO NOT</em> assume filesystem sandbox is enough
-</p>
-</li>
-<li>
-<p>
-Still can be vulnerable to attacks if device compromised
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-BP#2: User account credentials
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Users have numerous accounts for different service (Google, PayPal, Facebook, etc.)
-</p>
-</li>
-<li>
-<p>
-Leverage <a href="https://developer.android.com/reference/android/accounts/AccountManager.html"><span class="monospaced">AccountManager</span></a>
-for storage of accounts and accessing accounts
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">AccountManager</span> uses plugabble architecture for authenticators
-</p>
-</li>
-<li>
-<p>
-Using an existing account, apps can request authentication token for use in requests
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-<em>DO NOT</em> assume filesystem sandbox is enough and store in cleartext
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-BP#3: Use WebView and Session Tokens
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Present the user with web page for login
-</p>
-</li>
-<li>
-<p>
-<em>DO NOT</em> store the user credentials at all
-</p>
-</li>
-<li>
-<p>
-The web interface presents a redirect with session token on success (e.g. <a href="http://en.wikipedia.org/wiki/OAuth">OAuth 2.0</a>)
-</p>
-</li>
-<li>
-<p>
-Keep the session token for subsequent requests
-</p>
-</li>
-<li>
-<p>
-Session key can be stored, but carefully do so
-</p>
-</li>
-<li>
-<p>
-This relies on the <em>server</em> to properly handle credentials, expire and rotate tokens correctly
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_session_identifiers">5. Session Identifiers</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Many network services (Google, Facebook, Instagram, etc.) use session or token based identifiers for access
-</p>
-</li>
-<li>
-<p>
-These can be stored on the device, carefully
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Be sure to store them in a way so an attacker cannot determine how it is used
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Servers should have reasonable expiration times for session IDs
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Some server implementations may issue new session IDs to replace old ones frequently
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Android&#8217;s <span class="monospaced">AccountManager</span> can be leveraged with 3rd party authenticators to help with auth tokens or sessions
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-It is up <em>to the app</em> to notify the <span class="monospaced">AccountManager</span> if a token is no longer valid
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_hardcoded_tokens_and_keys">6. Hardcoded Tokens and Keys</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Best practice is to <strong>not</strong> use hardcoded values in code
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Java (including Dalvik DEX) can be disassembled <a href="http://dedexer.sourceforge.net/"><em>very easily</em></a>
-</p>
-</li>
-<li>
-<p>
-Reverse engineering can discover hardcoded values relatively easily
-</p>
-</li>
-<li>
-<p>
-This is <em>particularly bad for encryption of data</em>
-</p>
-</li>
-<li>
-<p>
-Best Practice: hash a random salt plus and password to create a key (with numerous iterations), store the salt and hash
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Some cloud services require an app authentication token
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-You have no choice but to store or hard code
-</p>
-</li>
-<li>
-<p>
-Best practice: ensure the server only uses this to "authenticate" the app, not the user
-</p>
-</li>
-<li>
-<p>
-Best practice on the server: only allow a limited subset of functionality via the app (e.g. no account delete or other more volatile ops)
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_unique_identifiers">7. Unique Identifiers</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Use of unique IDs is common for apps to track users or installs
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Typically used for analytics, ads, etc.
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-A common practice uses <span class="monospaced">TelephonyManager.getDeviceId()</span>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-<em>DO NOT</em> do this!  There are better ways.
-</p>
-</li>
-<li>
-<p>
-It requires the permission <span class="monospaced">READ_PHONE_STATE</span> which can set up a red flag to users
-</p>
-</li>
-<li>
-<p>
-It is not reliable.  Some devices do not report unique IDs or change IDs after factory reset
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Best Practice: for non-physical device tracking use
-<a href="https://developer.android.com/reference/java/util/UUID.html#randomUUID()"><span class="monospaced">UUID.randomUUID()</span></a>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-If you must track physical devices, use
-<a href="https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID"><span class="monospaced">Settings.Secure.ANDROID_ID</span></a>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-This is a 64 bit value created and stored when the device first boots.  It is wiped at factory reset.
-</p>
-</li>
-<li>
-<p>
-The downside to this is it is unreliable before Android 2.3 (Gingerbread) due to <span class="monospaced">SecureRandom</span>
-used to create <span class="monospaced">ANDROID_ID</span> being <a href="https://code.google.com/p/android/issues/detail?id=10639">seeded incorrectly</a>.
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-See this <a href="http://android-developers.blogspot.com/2011/03/identifying-app-installations.html">Google Developer Blog</a> for more details
-</p>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_storing_sensitive_data">8. Storing sensitive data</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Sometimes, you just have to do it: save your app&#8217;s (or user&#8217;s) sensitive data
-</p>
-</li>
-<li>
-<p>
-As we have seen, there are multiple ways of storing data, so how do you protect it?
-</p>
-</li>
-<li>
-<p>
-It depends on the storage type
-</p>
-</li>
-</ul></div>
-<table class="tableblock frame-topbot grid-all"
-style="
-width:75%;
-">
-<col style="width:25%;">
-<col style="width:25%;">
-<col style="width:25%;">
-<col style="width:25%;">
-<thead>
-<tr>
-<th class="tableblock halign-left valign-top" > Storage Type      </th>
-<th class="tableblock halign-left valign-top" > Private to App? </th>
-<th class="tableblock halign-left valign-top" > Can be made public? </th>
-<th class="tableblock halign-left valign-top" > Encryptable?</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Files</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">OBB</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">SharedPreferences</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">SQLite database</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>**</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>+</sup></p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">ContentProvider</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Can be</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-</tbody>
-</table>
-<div class="paragraph"><p><sup>*</sup> The default setting is to be private, this can be overridden</p></div>
-<div class="paragraph"><p><sup>**</sup> Making the database public can be done via file permissions or by exposing via <span class="monospaced">ContentProvider</span></p></div>
-<div class="paragraph"><p><sup>+</sup> SQLite databases can be encrypted using 3rd party libraries</p></div>
-<div class="sect2">
-<h3 id="_file_usage">8.1. File Usage</h3>
-<div class="ulist"><ul>
-<li>
-<p>
-Regular file usage is simple, well understood and fairly robust
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">SharedPreferences</span> are backed by files, so the same concepts apply (except for encryption)
-</p>
-</li>
-<li>
-<p>
-<em>Inherently insecure at runtime or if device physically compromised</em>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Data is "raw" or in the clear
-</p>
-</li>
-<li>
-<p>
-App sandbox works for basic protection
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Easy to override
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-External storage can present issues, if removable
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-For simple data (not critical if exposed), basic <span class="monospaced">File</span> access is ok
-</p>
-</li>
-<li>
-<p>
-Best Practice for sensitive data: use encryption (file only, not <span class="monospaced">SharedPreferences</span>) with user provided password
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-No "encrypt file" direct API available, but <span class="monospaced">javax.crypto</span> package can be used
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Use a <a href="http://developer.android.com/reference/javax/crypto/Cipher.html"><span class="monospaced">Cipher</span></a> initilized for AES/CBC/PKCS5Padding,
-create an initialization vector (IV) using <a href="http://developer.android.com/reference/java/security/SecureRandom.html"><span class="monospaced">SecureRandom</span></a>,
-save the raw IV at the start of the file, then use
-<a href="http://developer.android.com/reference/javax/crypto/CipherOutputStream.html"><span class="monospaced">CipherOutputStream</span></a> to write
-the encrypted data to the file.  Use the password to <em>derive</em> a key (don&#8217;t store the password!) using PBKDF2.
-</p>
-</li>
-<li>
-<p>
-To ensure integrity of the crypted file, create a secure checksum with MAC or HMAC (i.e. SHA-1)
-</p>
-</li>
-<li>
-<p>
-Obviously, this is not simple, can be prone to error
-</p>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-<div class="sect2">
-<h3 id="_sqlite_databases">8.2. SQLite Databases</h3>
-<div class="ulist"><ul>
-<li>
-<p>
-SQLite databases are used frequently in Android
-</p>
-</li>
-<li>
-<p>
-Each database is backed by a file
-</p>
-</li>
-<li>
-<p>
-<em>Inherently insecure at runtime or if device physically compromised</em>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-App sandbox works for basic protection
-</p>
-</li>
-<li>
-<p>
-Easy to override
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-For simple data (i.e. no user details, password hashes, etc.) basic usage is ok
-</p>
-</li>
-<li>
-<p>
-Best Practice for permissions: don&#8217;t override sandbox settings
-</p>
-</li>
-<li>
-<p>
-Best Practice for location: don&#8217;t use external (removable) storage
-</p>
-</li>
-<li>
-<p>
-Best Practice for sensitive data: use encryption (SQLCipher)
-</p>
-</li>
-</ul></div>
-<div class="sect3">
-<h4 id="_sqlcipher">8.2.1. SQLCipher</h4>
-<div class="ulist"><ul>
-<li>
-<p>
-Crypto library for SQLite databases, made by <a href="http://sqlcipher.net">Zetetic LLC</a>
-</p>
-</li>
-<li>
-<p>
-Encrypts 100% of the database, with a small amount of performance overhead (claims 5-15% overhead)
-</p>
-</li>
-<li>
-<p>
-Utilizes industry standard crypto libraries from OpenSSL, utlizes 256-bit AES encryption
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Encryption keys can be derived from a passphrase or using raw binary key data
-</p>
-</li>
-<li>
-<p>
-Key derivation is done using a 16 byte secure random salt (OpenSSL&#8217;s RAND_bytes)
-</p>
-</li>
-<li>
-<p>
-Each "page" in the database is encrypted separately
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Multi-platform and language support: Android, Linux, Mac OSX, iOS, and Windows with C/C++, Java, .NET, Ruby, PHP, Python
-</p>
-</li>
-<li>
-<p>
-Has both an open source (Community Edition) and commercial licensed versions
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Community Edition is available via BSD-style license
-</p>
-</li>
-<li>
-<p>
-Android Community Edition binaries are available free of charge at <a href="https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip">https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip</a>
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Basic Android walk-thru instructions (assumes Eclipse/ADT, not Android Studio) available <a href="http://sqlcipher.net/sqlcipher-for-android/">here</a>
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-In code, the major change is the import and use of <span class="monospaced">net.sqlite.database.SQLiteDatabase</span> rather than <span class="monospaced">android.database.sqlite.SQLiteDatabase</span>
-</p>
-<div class="listingblock">
-<div class="title">Sample SQLCipher Integration:</div>
-<div class="content"><div class="highlight"><pre><span></span><span class="kn">package</span> <span class="nn">com.example.android.sqlsecure</span><span class="o">;</span>
-
-<span class="kn">import</span> <span class="nn">net.sqlcipher.database.SQLiteDatabase</span><span class="o">;</span>
-<span class="err">…</span>
-
-<span class="kd">public</span> <span class="kd">class</span> <span class="nc">SecureDbActivity</span> <span class="kd">extends</span> <span class="n">Activity</span> <span class="o">{</span>
-    <span class="err">…</span>
-    <span class="kd">private</span> <span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span>  <span class="n">SECURE_DB_NAME</span> <span class="o">=</span> <span class="s">&quot;demo_secure.db&quot;</span><span class="o">;</span>
-
-    <span class="kd">private</span> <span class="n">File</span>            <span class="n">mDbFile</span><span class="o">;</span>
-    <span class="kd">private</span> <span class="n">SQLiteDatabase</span>  <span class="n">mDb</span><span class="o">;</span>
-    <span class="err">…</span>
-
-    <span class="nd">@Override</span>
-    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">onCreate</span><span class="o">(</span><span class="n">Bundle</span> <span class="n">savedInstanceState</span><span class="o">)</span> <span class="o">{</span>
-        <span class="kd">super</span><span class="o">.</span><span class="na">onCreate</span><span class="o">(</span><span class="n">savedInstanceState</span><span class="o">);</span>
-        <span class="n">setContentView</span><span class="o">(</span><span class="n">R</span><span class="o">.</span><span class="na">layout</span><span class="o">.</span><span class="na">secure_db_layout</span><span class="o">);</span>
-        <span class="err">…</span>
-
-        <span class="c1">// Init SQLCipher *before* we make any SQLite calls</span>
-        <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">loadLibs</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-        <span class="n">mDbFile</span> <span class="o">=</span> <span class="n">getDatabasePath</span><span class="o">(</span><span class="n">SECURE_DB_NAME</span><span class="o">);</span>
-        <span class="n">mDb</span> <span class="o">=</span> <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">openOrCreateDatabase</span><span class="o">(</span><span class="n">mDbFile</span><span class="o">,</span> <span class="s">&quot;myFakePw&quot;</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
-        <span class="err">…</span>
-    <span class="o">}</span>
-
-    <span class="err">…</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-</div>
-</div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_remembering_users_with_accounts">9. Remembering Users with Accounts</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Given the potential dangers around applications leaking persisted data on the file system, one option for storing user credentials is the <a href="https://developer.android.com/reference/android/accounts/AccountManager.html">Accounts Framework</a>.
-</p>
-</li>
-<li>
-<p>
-Accounts allow the system to manage access to credentials and authorization tokens for web services.
-</p>
-</li>
-<li>
-<p>
-This presents two useful options to application developers:
-</p>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Use an existing account on the system (like the user&#8217;s Google account) rather than inventing your own.
-</p>
-</li>
-<li>
-<p>
-Add your own account authentication logic (via a custom <span class="monospaced">AccountAuthenticator</span>) to the framework to get the credentials storage out of the application space.
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-The following is an example of how an application can use the <span class="monospaced">AccountManager</span> service to authenticate a user using their Google account:
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">The following method will work for accounts from any active service (e.g. Twitter, Facebook, Microsoft Exchange) that use the accounts framework. For Google accounts specifically, <a href="http://developer.android.com/google/auth/http-auth.html">Google Play Services</a> now provides a much simpler API.</td>
-</tr></table>
-</div>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Accessing the accounts framework requires two permissions:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.GET_ACCOUNTS&quot;</span> <span class="nt">/&gt;</span>
-<span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.USE_CREDENTIALS&quot;</span> <span class="nt">/&gt;</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-You can ask the user to choose a Google account for authentication:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
-
-<span class="kd">private</span> <span class="kt">void</span> <span class="nf">pickUserAccount</span><span class="o">()</span> <span class="o">{</span>
-    <span class="n">String</span><span class="o">[]</span> <span class="n">accountTypes</span> <span class="o">=</span> <span class="k">new</span> <span class="n">String</span><span class="o">[]{</span><span class="s">&quot;com.google&quot;</span><span class="o">};</span>
-    <span class="n">Intent</span> <span class="n">intent</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">newChooseAccountIntent</span><span class="o">(</span>
-            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// Currently selected account</span>
-            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// List of allowed accounts</span>
-            <span class="n">accountTypes</span><span class="o">,</span>  <span class="c1">// Allowed account types</span>
-            <span class="kc">true</span><span class="o">,</span>          <span class="c1">// Show the picker UI</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">);</span>
-    <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">intent</span><span class="o">,</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">);</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Determine the name of the account they chose, then find the <span class="monospaced">Account</span> object that matches the selected name from the <span class="monospaced">AccountManager</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="nd">@Override</span>
-<span class="kd">protected</span> <span class="kt">void</span> <span class="nf">onActivityResult</span><span class="o">(</span><span class="kt">int</span> <span class="n">requestCode</span><span class="o">,</span> <span class="kt">int</span> <span class="n">resultCode</span><span class="o">,</span>
-        <span class="n">Intent</span> <span class="n">data</span><span class="o">)</span> <span class="o">{</span>
-    <span class="k">if</span> <span class="o">(</span><span class="n">requestCode</span> <span class="o">==</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">)</span> <span class="o">{</span>
-        <span class="c1">// Receiving a result from the AccountPicker</span>
-        <span class="k">if</span> <span class="o">(</span><span class="n">resultCode</span> <span class="o">==</span> <span class="n">RESULT_OK</span><span class="o">)</span> <span class="o">{</span>
-            <span class="n">String</span> <span class="n">accountName</span> <span class="o">=</span>
-                    <span class="n">data</span><span class="o">.</span><span class="na">getStringExtra</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_ACCOUNT_NAME</span><span class="o">);</span>
-
-            <span class="c1">//Find the matching account for the selected name</span>
-            <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-            <span class="n">Account</span><span class="o">[]</span> <span class="n">accounts</span> <span class="o">=</span>
-                    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAccountsByType</span><span class="o">(</span><span class="s">&quot;com.google&quot;</span><span class="o">);</span>
-            <span class="k">for</span> <span class="o">(</span><span class="n">Account</span> <span class="n">account</span> <span class="o">:</span> <span class="n">accounts</span><span class="o">)</span> <span class="o">{</span>
-                <span class="k">if</span> <span class="o">(</span><span class="n">account</span><span class="o">.</span><span class="na">name</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">accountName</span><span class="o">))</span> <span class="o">{</span>
-                    <span class="c1">//Found a match, get an authentication token</span>
-                    <span class="n">getToken</span><span class="o">(</span><span class="n">account</span><span class="o">);</span>
-                    <span class="k">break</span><span class="o">;</span>
-                <span class="o">}</span>
-            <span class="o">}</span>
-        <span class="o">}</span>
-    <span class="o">}</span>
-    <span class="err">…</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Using <span class="monospaced">AccountManager.getAuthToken()</span>, we can ask the accounts framework to asynchronously authorize the user:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span> <span class="n">SCOPE</span> <span class="o">=</span>
-        <span class="s">&quot;oauth2:https://www.googleapis.com/auth/userinfo.profile&quot;</span><span class="o">;</span>
-<span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_AUTHORIZE</span> <span class="o">=</span> <span class="mi">1001</span><span class="o">;</span>
-
-<span class="kd">public</span> <span class="kt">void</span> <span class="nf">getToken</span><span class="o">(</span><span class="n">Account</span> <span class="n">selectedAccount</span><span class="o">)</span> <span class="o">{</span>
-    <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAuthToken</span><span class="o">(</span>
-            <span class="n">selectedAccount</span><span class="o">,</span>  <span class="c1">// Selected account</span>
-            <span class="n">SCOPE</span><span class="o">,</span>            <span class="c1">// Auth scope</span>
-            <span class="kc">null</span><span class="o">,</span>             <span class="c1">// Auth options</span>
-            <span class="k">this</span><span class="o">,</span>             <span class="c1">// Host activity for auth UI</span>
-            <span class="n">mCallback</span><span class="o">,</span>        <span class="c1">// Auth token callback</span>
-            <span class="kc">null</span><span class="o">);</span>
-<span class="o">}</span>
-
-<span class="c1">//Callback to handle auth token request results</span>
-<span class="kd">private</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">mCallback</span> <span class="o">=</span>
-        <span class="k">new</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;()</span> <span class="o">{</span>
-
-    <span class="nd">@Override</span>
-    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">run</span><span class="o">(</span><span class="n">AccountManagerFuture</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">result</span><span class="o">)</span> <span class="o">{</span>
-        <span class="n">Bundle</span> <span class="n">bundle</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="na">getResult</span><span class="o">();</span>
-
-        <span class="n">Intent</span> <span class="n">authIntent</span> <span class="o">=</span> <span class="o">(</span><span class="n">Intent</span><span class="o">)</span> <span class="n">bundle</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_INTENT</span><span class="o">);</span>
-        <span class="k">if</span> <span class="o">(</span><span class="n">authIntent</span> <span class="o">!=</span> <span class="kc">null</span><span class="o">)</span> <span class="o">{</span>
-            <span class="c1">//Additional user authentication required first</span>
-            <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">launch</span><span class="o">,</span> <span class="n">REQUEST_CODE_AUTHORIZE</span><span class="o">);</span>
-        <span class="o">}</span> <span class="k">else</span> <span class="o">{</span>
-            <span class="c1">//We are authenticated with the service</span>
-            <span class="n">String</span> <span class="n">token</span> <span class="o">=</span> <span class="n">bundle</span><span class="o">.</span><span class="na">getString</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_AUTHTOKEN</span><span class="o">);</span>
-
-            <span class="c1">//…Use this token to access web services…</span>
-        <span class="o">}</span>
-    <span class="o">}</span>
-<span class="o">};</span>
-</pre></div></div></div>
-<div class="ulist"><ul>
-<li>
-<p>
-If the registered <span class="monospaced">AccountAuthenticator</span> needs the user to enter additional information, this will return an activity <span class="monospaced">Intent</span> you need to launch.
-</p>
-</li>
-<li>
-<p>
-Otherwise, the token will be returned in the callback <span class="monospaced">Bundle</span>.
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-You can now use this token to access this service&#8217;s APIs, or your own.
-</p>
-</li>
-</ol></div>
-</li>
-</ul></div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_encryption">10. Encryption</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-Enhanced privacy and integrity of data (beyond the application sandbox) can be achieved using encryption
-</p>
-</li>
-<li>
-<p>
-On-device data encryption is usually done via Java Cryptography Extension (JCE)
-</p>
-</li>
-<li>
-<p>
-The <em>key</em> to secure on-device encryption is not storing the decryption keys on the file system
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-If the file system is compromised (e.g. rooted) the keys are just as easy to obtain as the data
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-The chosen method of encryption should rely on information that cannot be obtained by dumping <span class="monospaced">/data</span>
-</p>
-</li>
-<li>
-<p>
-The workhorse of encryption/decryption is the <a href="https://developer.android.com/reference/javax/crypto/Cipher.html"><span class="monospaced">Cipher</span></a>:
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-To encrypt to a byte array:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-To decrypt the same byte array:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// read encrypted buffer from somewhere</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-To avoid keeping large blocks of data in memory, there&#8217;s <span class="monospaced">CipherInputStream</span> and <span class="monospaced">CipherOutputStream</span>:
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-To encrypt to a file/stream:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
-<span class="n">OutputStream</span> <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">FileOutputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
-<span class="k">try</span> <span class="o">{</span>
-    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-    <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherOutputStream</span><span class="o">(</span><span class="n">out</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">write</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">flush</span><span class="o">();</span>
-<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-To decrypt the same file/stream:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">InputStream</span> <span class="n">in</span> <span class="o">=</span>  <span class="k">new</span> <span class="n">FileInputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
-<span class="k">try</span> <span class="o">{</span>
-    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-    <span class="n">in</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherInputStream</span><span class="o">(</span><span class="n">in</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
-    <span class="n">in</span><span class="o">.</span><span class="na">read</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span> <span class="c1">// do properly</span>
-<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
-    <span class="n">in</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-<div class="sect2">
-<h3 id="_password_based_encryption">10.1. Password Based Encryption</h3>
-<div class="ulist"><ul>
-<li>
-<p>
-One secure method for encrypting data is to rely on a user-entered password to derive the encryption key.
-</p>
-</li>
-<li>
-<p>
-This type of encryption pairs well with the <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard">Advanced Encryption Standard</a> (AES) cipher algorithm.
-</p>
-</li>
-<li>
-<p>
-AES is a <em>symmetric-key algorithm</em>, meaning it uses the same key to encrypt/decrypt data.
-</p>
-</li>
-<li>
-<p>
-Advantage: Key is not stored anywhere an attacker can search without "shoulder surfing"
-</p>
-</li>
-<li>
-<p>
-Disadvantage: Requires asking user for passcode repeatedly, or caching in memory (reducing the security factor).
-</p>
-</li>
-<li>
-<p>
-We can use the following steps to derive a password-based key:
-</p>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Android only supports the "PBKDF2WithHmacSHA1" key derivation algorithm, which requires a random <em>salt</em> to apply to the password (to reduce brute-force capabilities).
-</p>
-</li>
-<li>
-<p>
-The Cipher Block Chaining (CBC) mode is well-supported for AES on Android, which also requires a random <em>initialization vector</em> for encryption.
-</p>
-</li>
-<li>
-<p>
-We can generate all the necessary bits with the help of <a href="https://developer.android.com/reference/java/security/SecureRandom.html"><span class="monospaced">SecureRandom</span></a>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
-
-<span class="c1">// Do *not* seed secureRandom! Automatically seeded from system entropy.</span>
-<span class="n">SecureRandom</span> <span class="n">random</span> <span class="o">=</span> <span class="k">new</span> <span class="n">SecureRandom</span><span class="o">();</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="mi">32</span><span class="o">];</span>
-<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">cipher</span><span class="o">.</span><span class="na">getBlockSize</span><span class="o">()];</span>
-<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">iv</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-The <em>salt</em> will be necessary to derive the <span class="monospaced">SecretKey</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">private</span> <span class="n">SecretKey</span> <span class="nf">generateSecretKey</span><span class="o">(</span><span class="kt">char</span><span class="o">[]</span> <span class="n">passphraseOrPin</span><span class="o">,</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span><span class="o">)</span>
-        <span class="kd">throws</span> <span class="n">NoSuchAlgorithmException</span><span class="o">,</span> <span class="n">InvalidKeySpecException</span> <span class="o">{</span>
-    <span class="c1">// Number of PBKDF2 hardening rounds to use. Larger values increase</span>
-    <span class="c1">// computation time. You should select a value that causes computation</span>
-    <span class="c1">// to take &gt;100ms.</span>
-    <span class="kd">final</span> <span class="kt">int</span> <span class="n">iterations</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
-
-    <span class="n">SecretKeyFactory</span> <span class="n">secretKeyFactory</span> <span class="o">=</span>
-            <span class="n">SecretKeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;PBKDF2WithHmacSHA1&quot;</span><span class="o">);</span>
-    <span class="n">KeySpec</span> <span class="n">keySpec</span> <span class="o">=</span>
-            <span class="k">new</span> <span class="n">PBEKeySpec</span><span class="o">(</span><span class="n">passphraseOrPin</span><span class="o">,</span> <span class="n">salt</span><span class="o">,</span> <span class="n">iterations</span><span class="o">,</span> <span class="n">KEY_LENGTH</span><span class="o">);</span>
-    <span class="kt">byte</span><span class="o">[]</span> <span class="n">keyBytes</span> <span class="o">=</span> <span class="n">secretKeyFactory</span><span class="o">.</span><span class="na">generateSecret</span><span class="o">(</span><span class="n">keySpec</span><span class="o">).</span><span class="na">getEncoded</span><span class="o">();</span>
-
-    <span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
-<span class="o">}</span>
-</pre></div></div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">See <a href="http://android-developers.blogspot.com/2013/02/using-cryptography-to-store-credentials.html">Using Cryptography to Store Credentials Safely</a></td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-This key is used to initialize the <span class="monospaced">Cipher</span> and encrypt some plain text into ciphertext:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">String</span> <span class="n">passphrase</span> <span class="o">=</span> <span class="c1">// user entered password</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">SecretKey</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-
-<span class="c1">//Pack the result in a cipher text blob</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-We can use the same process to decrypt the ciphertext data:
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">The same salt and initialization vector are required for decrypting the data, so they must be saved somewhere. These values are NOT secret, so it is safe to persist them.</td>
-</tr></table>
-</div>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
-
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
-
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-For more details, see <a href="http://nelenkov.blogspot.com/2012/04/using-password-based-encryption-on.html">Using Password-based Encryption on Android</a>
-</p>
-</li>
-</ul></div>
-</div>
-<div class="sect2">
-<h3 id="_keystore_and_keychain_api">10.2. Keystore and Keychain API</h3>
-<div class="ulist"><ul>
-<li>
-<p>
-Since Donut/1.6, Android has had a system-wide <span class="monospaced">keystore</span> for storage of VPN and (later) WiFi authentication keys
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-See <a href="http://www.google.com/support/mobile/bin/answer.py?hl=en&amp;answer=168466">Working with secure certificates</a>
-</p>
-</li>
-<li>
-<p>
-Pre ICS/4.0, applications were not able to access it, so those needing to authenticate via client certificates ended up maintained their own key store (hard to manage across apps)
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-In ICS/4.0, Android adds support for <a href="http://developer.android.com/reference/android/security/KeyChain.html"><span class="monospaced">android.security.KeyChain</span></a>, which provides apps with
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Access to private keys in the system key store and their corresponding certificate chains (subject to one-time user approval)
-</p>
-</li>
-<li>
-<p>
-Ability to initiate installation of credentials from X.509 certificates and PKCS#12 key stores (e.g. for installation of organization CA certs)
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Also, in ICS/4.0, Android uses the screen lock password to protect the system credential storage, which works well with device administration APIs and prevents the user from disabling the password as long as they use the secured credentials
-</p>
-</li>
-<li>
-<p>
-See <a href="http://android-developers.blogspot.com/2012/03/unifying-key-store-access-in-ics.html">Unifying Key Store Access in ICS</a>
-</p>
-</li>
-</ul></div>
-</div>
-<div class="sect2">
-<h3 id="_encryption_using_hardware_backed_private_keys">10.3. Encryption Using Hardware-Backed Private Keys</h3>
-<div class="ulist"><ul>
-<li>
-<p>
-On Android 4.3+, the hardware-backed <em>AndroidKeyStore</em> stores device-specific private keys.
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-See <a href="https://developer.android.com/training/articles/keystore.html">Using Android Keystore Provider</a>
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-We can use these keys with the <a href="http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29">RSA</a> cipher algorithm
-</p>
-</li>
-<li>
-<p>
-RSA is an <em>asymmetric-key algorithm</em>, meaning it uses a separate "public" key to encrypt data and a "private" key to decrypt it.
-</p>
-</li>
-<li>
-<p>
-RSA private keys are stored inside a secure hardware element.
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Typically a Trusted Execution Environment (TEE) on the SoC.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">KeyChain.isBoundKeyAlgorithm()</span> will tell if other algorithms are also hardware-bound (and, therefore, non-exportable)
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Advantage: This approach doesn&#8217;t require user input (password)
-</p>
-</li>
-<li>
-<p>
-Disadvantage: Key generation is slow. Technically key is retrievable (though it would require dismantling the SoC)
-</p>
-</li>
-</ul></div>
-<div class="paragraph"><p>Here is an example of using a non-exportable key to encrypt a chunk of data:</p></div>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-To encrypt data with a hardware-bound key, we first need to generate one for the application:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="c1">//Create key pair with self-signed certificate information</span>
-<span class="n">Calendar</span> <span class="n">cal</span> <span class="o">=</span> <span class="n">Calendar</span><span class="o">.</span><span class="na">getInstance</span><span class="o">();</span>
-<span class="n">Date</span> <span class="n">now</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
-<span class="n">cal</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="n">Calendar</span><span class="o">.</span><span class="na">YEAR</span><span class="o">,</span> <span class="mi">1</span><span class="o">);</span>
-<span class="n">Date</span> <span class="n">end</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
-
-<span class="n">KeyPairGenerator</span> <span class="n">kpg</span> <span class="o">=</span> <span class="n">KeyPairGenerator</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA&quot;</span><span class="o">,</span> <span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
-<span class="n">kpg</span><span class="o">.</span><span class="na">initialize</span><span class="o">(</span><span class="k">new</span> <span class="n">KeyPairGeneratorSpec</span><span class="o">.</span><span class="na">Builder</span><span class="o">(</span><span class="n">context</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setAlias</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setStartDate</span><span class="o">(</span><span class="n">now</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setEndDate</span><span class="o">(</span><span class="n">end</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setSerialNumber</span><span class="o">(</span><span class="n">BigInteger</span><span class="o">.</span><span class="na">valueOf</span><span class="o">(</span><span class="mi">1</span><span class="o">))</span>
-        <span class="o">.</span><span class="na">setSubject</span><span class="o">(</span><span class="k">new</span> <span class="n">X500Principal</span><span class="o">(</span><span class="s">&quot;CN=&quot;</span> <span class="o">+</span> <span class="n">KEY_ALIAS</span><span class="o">))</span>
-        <span class="o">.</span><span class="na">build</span><span class="o">());</span>
-
-<span class="c1">//Calling this also binds the private key to hardware</span>
-<span class="c1">// You could obtain it here with getPrivate(), if needed</span>
-<span class="n">KeyPair</span> <span class="n">kp</span> <span class="o">=</span> <span class="n">kpg</span><span class="o">.</span><span class="na">generateKeyPair</span><span class="o">();</span>
-
-<span class="c1">//Use public key to encrypt data</span>
-<span class="n">PublicKey</span> <span class="n">publicKey</span> <span class="o">=</span> <span class="n">kp</span><span class="o">.</span><span class="na">getPublic</span><span class="o">();</span>
-</pre></div></div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">You only need to do this once, and persist the public key somewhere for re-use. Generating a hardware-bound key is expensive (many seconds).</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Now we can pass the public key to a <span class="monospaced">Cipher</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">publicKey</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-To decrypt, we retrieve the private key from the keystore:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">KeyStore</span> <span class="n">ks</span> <span class="o">=</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
-<span class="n">ks</span><span class="o">.</span><span class="na">load</span><span class="o">(</span><span class="kc">null</span><span class="o">);</span>
-<span class="n">KeyStore</span><span class="o">.</span><span class="na">Entry</span> <span class="n">entry</span> <span class="o">=</span> <span class="n">ks</span><span class="o">.</span><span class="na">getEntry</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
-<span class="k">if</span> <span class="o">(!(</span><span class="n">entry</span> <span class="k">instanceof</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">))</span> <span class="o">{</span>
-    <span class="k">throw</span> <span class="k">new</span> <span class="n">KeyException</span><span class="o">(</span><span class="s">&quot;Not an instance of a PrivateKeyEntry&quot;</span><span class="o">);</span>
-<span class="o">}</span>
-
-<span class="n">PrivateKey</span> <span class="n">privateKey</span> <span class="o">=</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-The private key can then be passed to the decrypt <span class="monospaced">Cipher</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">privateKey</span><span class="o">);</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol></div>
-</div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_lab_encrypting_file_data">11. Lab: Encrypting File Data</h2>
-<div class="sectionbody">
-<div class="ulist"><ul>
-<li>
-<p>
-To begin, download and import the initial <em>SecureNote</em> application (if you are using our student VMs, you can skip this step and simply open the <span class="monospaced">SecureNote</span> project):
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-Option #1: Clone separately and import:
-</p>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Download the code <a href="https://github.com/thenewcircle/SecureNote">from GitHub</a>:
-</p>
-<div class="ulist"><ul>
-<li>
-<p>
-As a ZIP archive: <a href="https://github.com/thenewcircle/SecureNote/archive/master.zip">https://github.com/thenewcircle/SecureNote/archive/master.zip</a>
-</p>
-</li>
-<li>
-<p>
-On the command line: <span class="monospaced">git clone https://github.com/thenewcircle/SecureNote.git</span>
-</p>
-</li>
-</ul></div>
-</li>
-<li>
-<p>
-Open Android Studio
-</p>
-</li>
-<li>
-<p>
-Select <em>Import project</em>
-</p>
-</li>
-<li>
-<p>
-Choose the root directory of the cloned project
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Option #2: Import directly from GitHub:
-</p>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Open Android Studio
-</p>
-</li>
-<li>
-<p>
-Select <em>Check out project from Version Control</em> &#8594; <em>Git</em>
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Enter "https://github.com/thenewcircle/SecureNote.git" as the URL
-</p>
-</li>
-<li>
-<p>
-Choose a destination directory on your machine (e.g. <span class="monospaced">~/StudioProjects</span>)
-</p>
-</li>
-<li>
-<p>
-Click <em>Clone</em>
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-After the clone is complete, select <em>Yes</em> to open the project
-</p>
-</li>
-<li>
-<p>
-Click <em>OK</em> to run the Import Wizard with the default options
-</p>
-</li>
-</ol></div>
-</li>
-</ul></div>
-</li>
-</ul></div>
-<div class="paragraph"><p>After importing, you will need to click File&#8594;Sync Project with Gradle Files</p></div>
-<div class="paragraph"><p>Once the project is imported and open, build and deploy it to a device/emulator. You should see a user interface that looks like this:</p></div>
-<div class="imageblock">
-<div class="content">
-<img alt="images/Lab-SecureNote.png"
-src="data:image/png;base64,
-iVBORw0KGgoAAAANSUhEUgAAAWgAAAKACAYAAACxGuKnAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAL
-EwAACxMBAJqcGAAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6
-eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg
-eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K
-ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlm
-Zj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRh
-dGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9y
-ZGY6UkRGPgo8L3g6eG1wbWV0YT4KTMInWQAAQABJREFUeAHsnQW8HsXVhyfuISQhQUKcBHfX4O5Q
-3KVIaZHiBVIoUOhHkVKkRUpxdynu7hogkARNQtw93z7n5lz2bt732t6FTfY/+b2yuzNnZp6d/c/Z
-s/PeNGrSpMncoCQCIiACIpA7Ak1z1yI1SAREIBcE5s6dG3jFU6NGjWzTP+PH0n6nrrrYnTNnTpUq
-KVuX8lUK53SjkTzonJ4ZNUsEfgUCiB5CGelCaN26tb2aNWtm+9g/derUMGXKlDB9+nRrHfnSJuqk
-jkUXXTSMGjXK6qpOaGlH06ZNQ5cuXULjxo0tP5/Tpk0LI0eOtH1p25SX8hLovJwJtUMEfkUCiCQi
-17Fjx7DIIouEmTNnhuHDh1cKcbxpSyyxRGjTpo0d++mnn+yzvt4r9bZs2dJeY8eOtWoQ69mzZ5f0
-hhFnjvsEEW8X35lUEOrqBD5ZJs/bEug8nx21TQQyJoDg8VpyySXNKx02bFiVGtddd92w+OKL2z6E
-74knnqhyvH379qFTp04BoZ40aZJ53lUyVLNBvc2bN7eJAa/8t7/9bXjyySfDkCFDbD8iHU9s4zXj
-PeNtDxgwoDIfoo33/OijjwbahCc+efLkWnnTtKOUoDN5kGo7+Xh+JrpSqabjpcpIoEtR0T4RKAAB
-BAOxQ4C//fZb6/EWW2wRdt9997DyyiuHrl27mhDilSJiCCReLq+vvvoqPPfcc+Ef//iHlWvVqpV5
-r6NHj661SGNvueWWC5999lm4+eabw1prrRWWXXZZE0S86hkzZlSeBfK2a9cuTJw40fb16dMnvPvu
-u7YPb5r8bK+xxhqVZTx/qTAM/eHVokULY8AE4SINFwS/Q4cO1hfCOhMmTKg8XlnBvC/khxH1kchL
-GRfqmo7PM1PyQwJdEot2isDCTQDRQJwQN4Rqr732CkcddVRYddVVTZhq03vCIHi7Dz30UDj55JOt
-CCGSMWPG1CjSCC5iPGjQoHD66aeHCy64IAwePDgss8wy5iWPHz8+zJo1q7IZHp8+99xzwzrrrGOi
-uvHGG9sn7Udc8eLfeOMNq/s///lPuOuuu0Lnzp0Dk4aLpRvEHp42gk85JioSdVKGbUI8npZeeunw
-448/Bri5kHOMfjDB0V5EmYRQI9gjRoyw7eqOl5o8rNC8N63iiNPQdxEoCAFCC7wIW9x0001hzz33
-DHjBJPcua0KBl9mvX7/wxz/+MWy++ebhxBNPDM8//7wJfDmPE3FDBCmHOBPWOOOMM6wq2kJCBJOp
-bdu2FrZYb731Al4+iXa6YPK52GKLhR122MGOvfnmm/bp5WwjekNQCckQAuFFwov/4osv7Bji7Pu3
-3nprs0lYhzsMBB1PGxv0gzoJubiQw5B99957rwk/kxX5yh2nvUwO1Yl06WCJNVtvIiACCyMBhI2H
-fIho3759A0KEOCOcCAwJj7O6F8KDHcSKtNpqq1lMmO9+q8/3eHJxpk4EcddddzXPGREluZfLJ7bj
-ydvlYQ+vN1mGcvQD754Ut0MZ96gRz7///e/h008/DRdffLH1g7AJ4kyoBYHnzuDGG28Mn3/+ebj6
-6quNF543D0nxqJdaaimLe++zzz7hyy+/DLfddlu44447LGSzyy672J0E3nu544gz3rX3Jd5f/y6B
-dhL6FIGCEEAox40bZwJDWOHxxx+3nnNbzzEXX3YicPGX7+OTfJ7whgcOHGibCH8ykRfh7Nmzp4Uy
-VlxxxXDllVfaqhEXUy8Tt5vc58f804/7J/v95fv4ROC7d+9uAozY4hH/4Q9/MO8Z0SW5TcIjiPQj
-jzwSLr30UjtG+AdvH1H94YcfAg9Tv//+ezt23nnn2USHmN96660WurnwwgvtGG+ljhPSITHheIzf
-diTeFOJIANGmCBSFALFiPMlDDjnEPGpu0UkIsosV2/497o2yD8+P23OE6sgjjySreZfEauO37eRF
-nPE4hw4davmID7NyBOF0L9jte32WsQHf3FPFY3/nnXfCK6+8YrFzr5fJiruJ3r17mwfNw1ISoSDE
-fP311w/XXnttOOWUU0LPaKI55phjwn777RfwvJ955plKBsTRyUuMHL7lju+2227hvvvuMy6Ifql+
-y4NuwAEgUyKwoBBADPyhFuGN3/zmNyZa7EewXLToj2/7MT4RVkQYG3iIL730knmRiLM/cHMWiDPx
-Vvc433vvPfNc4+LsebP6ZBKgflZmHHDAASaeLMljP/0hsWqFUMXhhx8ejj/+eHtg6vv5/O677/gI
-hx12WDj66KMtFt6jRw/bh8B68nzEtom1k0od92Pxycxt+Kc8aCehTxEoGAGEAS8aTxahXXPNNS3e
-inC4d+zi5WhcnBE2QhPEcfEqfUUG4hwXd+zwwxf3kvE0WSmCOCdtex1ZfdJfD+0g1oQ84omJ6uuv
-v7YXYQceCLJihHgyIZEzzzzTsl9//fW22uTpp58OW265ZdyEfadvJJb+sVImmZwPx0nVcZAHnaSn
-bREoEAEEFe+Oh14k1j/jASJmHhJwD5rjca/38ssvD3/6058qV2RQxsWHvHxHhFg1wZKz+++/P2y2
-2Wa2H1GqTpgon3XyB45ejwvrCiusYOLMflZk0C9facIDTh4qHnHEEVbMJx630dCfEuiGJip7IrAA
-EUBEEWk8RMSHddEDo4d9rA9GmNzTRUzJ66Lqa5979eplD8zKCRXCj1d63XXXmSfqaNyeb/9Sn9Tr
-Qux98brZzwqNTz75xHYR7iBu/uc//znccsstNnkRp+YOgxgzyZcG2sa8N2fBseQkQBav13+uHp/U
-4nb4rhBHkoi2RaBgBFykEZ/+/fsHbuFZ33vOOefYLbqLNPkQH+LNO++8s3nG/KoQoUHM4wnvG1ss
-UbvkkkvsQSTHsYWN6kQpbifr7/F24O3DgPT2228HJh/WdvtKjg8//NAe+rFEkBfJ8yPsnggZkchD
-eIdU6jgTAMknDNtIvEmgE0C0KQJFJIBQIbIIKsLKMjGWn/ELQQSVB3142h999JE9YIMR+ZM/7cY7
-JK//hPuEE04Ixx57rNlwcaase5Hx774vLpocL5c8v3+Wy1duP+Xom08ufCfxYxt+Mo4g94xWa/BD
-HvIQtz711FNtrfPyyy9vKzs4xkTGj2eYiGC04YYb2sNGfgpP4teWyeOI9z333GMPLZnkyvVBAm0I
-9SYCIgABRIq/s8FSM5aT8SCNn4EjPKz95cclJEIXhEXYHxdUxBlR4+9r7LvvvuHss882L5wHioic
-x7XNSPSGMLGPet2Of3oePn1f/DPpeXLM7Xi+uA3/7sdoE39QiYeBJEST+DMhDEIThHxYr02fWGrH
-Wm8Emv1MQO4Vs4oFkf79739vdhDks846y77zBoO//OUvVY6Tn8SDSR5c+iRhO2NvEugYDH0VgaIT
-cMHkF3X86m7vvfe2TwTppJNOMvFmXS8inhRnhI/QCGudDzroIPtDSv6rQn4WXi655+qrGsiX9Cg9
-j9spJ2iUpV28SKXs4PWTWAfNkjv/aTd1MAkdfPDBgbXSlEXE6Rf2/Ac4TFjdunULL7zwgok0P1Dh
-xfI88hIiIvFwFBvEr3klj8MquWbcCsbeJNAxGPoqAiJQ4UUjRv4LO27Pe0XxWDxDHpqVEme4IXAu
-iPxtDpbwIXguruRx75Xvnpd9iDPhExKimPSO/WEbgsafFSXu7eWt0Lw39uGRUzcJW8nEcYQeO6ws
-IVE/efmTqfzJ03KJCYf+82IJHe3h59r8vQ0ehHryfWz791LHq5toKKu/ZgcFJREQgfkIIGQ85GI1
-AoLoQlOdqFAGEfM/Czqf0Rp2IJSIcSnxRbTjf9aznCkEH4GmLaXsUI489INf+tE3/hqdTyTs4xh5
-KO+fCDjeN380iXa6J0678LjZT8JW/G9R13TcCpV5k0CXAaPdIiACFX/9DVFEkBC96sTZeSFIiBq3
-+C56CF0psSQfLxLCjLCXy4ct4sG1TYQlaEspe27Dj8fzsK9cog3eZu+b52VCIJVjVNNxtxP/lEDH
-aei7CIhASQKIUlzESmaK7UQcye/iGztU8it5EUYXsVKZsEVYgVc5u14nv4yszlYp+3ncF/WnUcX0
-lcfWqU0iIAILJAGEsj6pnPDWx9bCUKapPxVdGDqjPoiACIjAwkSgqa/li3cqPvv5jMY+/07eeJ54
-WX0XAREQARFoGAJNk4HupNm4EMe/J/NpWwREQAREoGEJ6I8lNSxPWRMBERCBBiMggW4wlDIkAiIg
-Ag1LQALdsDxlTQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk
-0A3LU9ZEQAREoMEISKAbDKUMiYAIiEDDEpBANyxPWRMBERCBBiMggW4wlDIkAiIgAg1LQALdsDxl
-TQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk0A3LU9ZEQAQK
-QoC/jx//G/lZdFsCnQVV2RQBEVioCSDMrVq1sleWIt2gAu0N5Q/78x8B6A/8L9RjVJ0TgUISQOfa
-tWsXPv/8c3vx3bWvoYE0bQiDNA5BpqGkmTNn2v/Qy/93yP/uO2XKFPsv1RdmwYYBfWVWhQUM6He8
-z+Rp3ry55eF/MJ48eXKN/y18ufPjAyJuv1xe7RcBEWgYAlx3/K/iH330UVh33XXN6Ouvvx769+8f
-pk+fXuV6b4gaUws0QoPoIMYffvhhyTbx/x527NgxTJo0ycSrZKYFeCcnjf4PGzbMJiLvynLLLWci
-jWB7ni+++MIPh8UXXzy0adPG/nv42gqt22nbtq3ZgSmTQW3LV1auLyIgAnUmwHX38ccfh7/97W/h
-sMMOs/LXX399OPnkk8OKK65oGteQ12KqEAdigTjjCX766afhT3/6U3j66afDJ598Yq7/G2+8Ea69
-9loTD/bROQQ9mbDDq6ZU23w12UkeL2e33P54efLgNX/55ZfhoIMOCs8880x4+eWXw8CBA8Nnn30W
-FllkEeuz5znjjDPCK6+8Ep544omw2mqrha+++spm5KTNUnWzj4ngm2++Ce+99569hg4davs4lkyl
-bCTzaFsERKB2BNA6whobbbRROPTQQ8Oiiy5qL76zD+cL77ohUyoPmlv6GTNmhB9++MGEefPNN5+v
-bWuvvXbYYostAsJ05513hhVWWMEEnVmGF53GDsLNLcLs2bPn8wZdmMhLIg954wkbeKoc4+WJfRzD
-Bp4mie0mTZpUbrds2dLKTJs2zeomL3moj/KzZs2yfrI/mdjnJ2WZZZYJm222mWVZdtllTYTffvvt
-wH7Ps9JKK4X111/f2nPXXXdZXurx/sTr9X76pEY7Bw0aFPbdd9+w1157WVtheuuttwbqi7ef/lFn
-Te1P9kfbIiAC+SFQb4FGmPCI33///XDbbbcFF2c8u2effdYEDTFCsHr37h3OOussE2iECPFAlPjk
-dsETQta6deswceLESqFEYNq3bx/GjBljXqrnxTaTA6JEnlGjRlm5zp07mw1Ejf3EgX/66ScLJTDj
-sW/06NFmr0+fPtYGvHsS24gisfSpU6faXYHXx+0LQs1+bMSTCzcTgE8OnTp1Cn/5y19sckIoPQ9t
-JmHH8/ox+ul3I26fCY0EExd5eO600062/5133rFPeMICW3VtvxnQmwiIQLUEuHaJNb/00kvhhhtu
-CIcffrjp1I033mj7sghx1FugudVGNEh4yaTBgweH1Vdf3b77G94dHh9C8+c//zmcc845YZ111gmE
-P0hbbbVVWHrppS12gzdIoqPYdm/ygw8+MJHeb7/9TNi5rX/uuedMiJZaaikTO/dSKYeYUxYBXGyx
-xULfvn3NWx45cqR56gjxKqusEvBuyX/IIYfY54svvhi6du1qDwBoB14qk9C3334bnnzySbNJPYh+
-XKQ95sQn+317k002sYnpvPPOCxtssAEmK48lyxOL9hi+1zt8+PDw6KOPWjn4uSfNxObizncS9jiO
-yPMAg+R2amq/ZdabCIhAjQR45tOvXz+LOf/3v/+1/Fxv7OOYX/s1GqplhnoLNA3BY8NbQwxJeIUk
-Zpkll1zSYqUPPfRQ6NWrV+D23G/jEWfCHog1QokNjg0cONBmJgLweMjsI4575ZVXhh133NFsIkjj
-x48PeI6nnHJKePfddwMP466++mqr9/HHHw977rmnTRpvvvmm2WMbkTr44IMD++6++24LCSC6Xbp0
-CRtuuKF5y4ggIk4sff/997d245lOmDDB7hROO+208Nprr1l99LXcyUAoaTtxZ+JTCLRPZqXK4Bkz
-WeBx09aePXvaRMQJp/+XX365hTGYzO6///7ApIQdXieddFI44ogjwqmnnhp8wBBOOuCAA+zOpT7t
-t5OoNxEQgWoJ+J1vtZlSHqy3QHM7z238999/H7777rvQo0cPE0gEGYHDwyX9+OOPFtrgO0KEUONN
-8uSze/fu5gny0AtbxFERacTsmmuuoUjg9gFhJY0bN85CAAgUIRWOIfBMFL4ighAHCQ+fxOoRvGBW
-kvhEwnf27bzzzhbiIB9iSrrgggtM+JkIEGYEu1u3bmHjjTcO//73v837x4NG+Ah5JBOiiXdLmGfA
-gAGhZyS23BngzZZLiDMifNxxx5noIswjRowwIV5rrbXCZZddZuEcQjHUCXvqJ/m2e9IXXnhh+OMf
-/2h9rU/7y7VR+0VABILpBmHZiy++2BwjmFx33XX5W8XB7OEChbggxIgGni4rORBoxA4PlbTGGmtY
-6AIxPf30002cEVy8aMQdL5BlasSg8TpJe++9d9htt93sO143godY4i3jpa688srhn//8ZxgyZEhl
-W/xBoM9u3kbiR77PPXm2n3rqqXD++eebneWXX95WYiB2nATqJvxC/yiDh33RRRdZOxF4DzlYA6M3
-7PFiIsDTfuGFF+zQdtttF4488kj7Hg9tuKhus802FgZC3BHh3Xff3fgQtydcw6TD3QIrZZjEGBye
-LrnkEsvLyhAmK1aSUD/txw7tR+Br0363qU8REIH5CaBvvoqDJXYdOnSwF3rFXXgWqzgaz9+M2u1B
-THigRbyYkAGNfPXVVy3MQdwXMUWIEY5//OMfFpJANIjLsryMRHwVcSTdfvvt4YEHHrDvxHlJhEGI
-qeKxIjLEohGoY445JrA4nPp58EeiPfFP26hmP8d5wEnYAI8foUNECc0g5oQlWDJHOv744yvjw0w0
-JIQ/Lra2M/ZGu7fffnvzwBFzvGOSTxIu5OxDSBFh6mXyIfTCIngmOEI2JMI4hF1I3lds+CTB4CCW
-zt2Bt5+JknTCCSfUuf1WUG8iIAK1IsA16dd2rQrUMlO9QxzYR6AQSW7D33rrLQtd8GQTj5AYMg/n
-ELzf/e53Jhx77LGHedLEnEmUw9MkHIHn62KLoOF1uvfNqgvEndULeJ3EuI8++mgLX3CMGLcLlRku
-8xYXNrLQdtKWW25pnjR2SNjCYyW+Sx8RYzxRkodQuBOgLeXqJZRDuueee2xCYSIjxkz83JOfUEI9
-JFaicKfAHYV7/sTYuZPgISL9Jrnnnfxen/b7w0YzrDcREIGyBHB8alrF4ZpS1kgdD9RboBEXhJUV
-FYQYSKyOIB7Di4TIIaQ9ozgsoQ9eiKQLDE8+kwnBQ6yJCXuclW2EmHKU58XSOV/1QL2ekiLs++Of
-nsc9YGK1JI9DU697yl7OhcwFGQH1mLbncbtsu8Aee+yxFrfG3oEHHmgPAzlOXhdoj5cThiD27AzI
-58vx6DsiTfJycRvsT9t+bCiJgAiUJxBfxXHTTTfZdZzLVRzEiomJcvvMigFEhQd7CAyeMcJCrBSx
-Y3kdn4QsCE24wNxyyy3mufKADxFGMPFMEZp77703HDzv4SDeKGETbOJ9M0sRv/aHjC60YHUBdbHy
-bY55vXyPJxda6iYh2H/9618ttOKTBALNCxHlISXJRds2qnm74oorwlVXXWVeOHcHJMTVBd1nXdpM
-P8eOHWsPI8jHQ07aQNvj3jfH2Bfve1btpy4lERCB+QmU05T5c9ZvT708aBrlooZAeEyZVRF4z76C
-gyZ5Pv9OrJkHe4QzeODnS8O8+XjZDz/8sG3y0JCEaPGDF+LQnlizTNjgkUceMc/UQTFxkAi5kPzH
-HXx3QeR7PHlZ1nGT+Hk2DwB4IBhPO+ywg9VHjBwP2ct5nuQ2+1n9QR8J++yzzz6VYZx4Xn4mTiKk
-s8suu4Szzz7bJiP2+fppxJlwB4myvGDPjO4p3n76UNf2ux19ioAIlCaAg0W4laXAhHNJWa7iqJdA
-I3R4fcRjeLjGD0gQaTzkBx980B6uIRwcR5QQEh70+Y9T+ESweGDIQzBEm7TtttvaAzPWKvNUlB+5
-8AAND5sHg4giIRUehvHbdxJxWxIeNYmVGDxcQ8wQVISdFBdE96r9k7YRK+dh5q677hp6RiGZo446
-ykIKPOTkxyv0kTAFebhrYAWJh0bcNp/YpL++D9vElPmxDg/+iBNzjBd3DSROsNfL02FiXazzZk30
-gOhhK4ltn7hgT3nOAxMATLhzYdCw8oT6CC0xmGg/ws8DxlLtLzdpWaV6EwERqCTAnayv4mBRBE4c
-ie8sL0bXuL65fhsq1UugqZzbe7/950cSl156qS1D4yfIvFyoyEuDEVs8SeLOzDwIOYKBUG+99dYm
-OAgbCbEh8QARb5vVIHitiCP1egwb7/nEE0+0vPfdd589mMQzJ78nv+33kAf7/QGee9fYZB02sSS8
-TlZw8DCQlRcInd8FIMjEwkku7nx3kSOW7G3zuDKTCt4siRUaTB7Yow3eX0JFTHTUy0TBJ+W8Xo4T
-z+dOgn7873//s0mCUAt3HDA888wz7eemiPTAgQPr1H5rnN5EQATqTQANcKes3kZKFGwSCdrAEvtr
-3EWDEF5EgpmDGCueJqKCeBEv5kEeokcMlqVseNQIGD9uQayYbRBJBBKPm6Vi/PU7HqxxjJUTrILA
-O0Z4ETQElx+23HHHHRbawFv0fHiMCC3tQkzxzhEzRO/rr782D5T12gga7eTvhvDLPMSY+rHz2GOP
-2U/WmR3J4w8oCZkg/PxYhfXQeLEuzPSJvhJyIS6OiBOCwXvFNm3BNssI8fAJwxC+oW388SMmKiYs
-uNBP6qUP/NSbpXLM0PyikL4yKSLYJI/B82MaliyyhppzQcgk3n7WUnNXUq79NZ5sZRABETCdYhkr
-PyzDWWLpK8+k+Lsc6ALXtjuEDYWrUSSE8/+JtjpYR4xZXcCtPLfanugIYugJ8ULUEGMECgH3GDO3
-4IiMJ+8oeeN/W4LjCJ6HNfDGqR8RxSYiRkIM+Wl3MiFweLYeq+U4njnlEVtsJetD3PlrfZ7oB790
-dO+X/cyc2GXi4ISRsOd/A4Tv5GEy4hbJk//6kfrxspnMPHEMgSYx8fGwEMbYwvtG2En0CY5MTuTD
-wyZG5qk27fe8+hQBEaieQPw6JmTJ9cidPs4n1z7bDZlSCzSNodF4faywQGxYhYAHiGggPO4he8Nd
-0DiOUONxInB4vwifx3bdNvnwUskHBEQasUMose1QqJ96yed1s+12fHajLPZoK8e9PPl8wiEPnjt1
-YJd+kNdF0ozG3ugTNilHIi9hirhtvnuohfy0h08Sn0x0cMDjpR68afrBxBZvJ3nZj30mKyYVbNN2
-jjFZ1bX91gi9iYAI1EiAawxN8L+CyR01OhG/1ms0UssMDSLQXhcCgUgh1i4YiAgdKtV48pOXF3nI
-i+DGvVNse3nECzvk41Uqn9ePbfeMyYcNXiRs8IrvswPz3jwf9VHWbXnZeN7kd28TZcqlZHs8n9dL
-GIP2wYJ+8j2ZyBvvK/k8uZ36tN9t6FMERKA8Aa4xd7ZwMktdo+VL1/5Igwp07atVThEQARFYsAm4
-I5SVOEOn3qs4Fmy0ar0IiIAIpCOQpTB7yyrWtfmWPkVABERABHJDQAKdm1OhhoiACIhAVQIS6Ko8
-tCUCIiACuSEggc7NqVBDREAERKAqAQl0VR7aEgEREIHcEJBA5+ZUqCEiIAIiUJWABLoqD22JgAiI
-QG4ISKBzcyrUEBEQARGoSkACXZWHtkRABEQgNwQk0Lk5FWqICIiACFQlIIGuykNbIiACIpAbAhLo
-3JwKNUQEREAEqhKQQFfloS0REAERyA0BCXRuToUaIgIiIAJVCUigq/LQlgiIgAjkhkBT/y+a/I9P
-+2duWqiGiIAIiEBBCPjfmPbPpv7F+8+2RNpp6FMEREAEfhkCcS3275UCHRdm/z/z6tssCXx9yamc
-CIjAgkbAxbQ+7fayrpm+jS2+N/X/5DRp3Ask9/t2dcfjlXh+fYqACIhA0QjUpIXljvt+E+hSYkuG
-Uvt9nxsoGnD1VwREQATqSqCUXpbah934fvtPY+M7aqqYvC7SpfL6sZrylSqrfQ1HwM8DFutyfhuu
-BbIkAsUg4FpX3XVW7li5/ZDjWGUMmh3xi9oz8OnJj9dk1PNXl8/z6LPhCHB+CFk1adLEXvBn35w5
-c8KsWbPsU+ekPG/n17RpxX92Xxtm5IXp7Nmz7SW+5fkuzEdqe95rypc8XjES55FLHnRBdrDJ475f
-n/kg0Lx58zBz5szwww8/hBEjRlQ2arHFFguLL754aNmyZZgxY0blfn2pSoDJDT7w43vXrl1tomOC
-KzX2uT5GjhwZpk6dGjp37hxatWo1n5NTtYbabXldyeuvdqWVa0Ej4Oe7VLsbrbrqqtE4mFvqWMl9
-5K3OYMlC2pkZAT8feHJDhgwJHTp0CGuttVZYYoklTDCmT58efvzxx/Dee++FYcOGheWWW848PS+X
-WcMWIMPOgskNoe3evbvdbQwaNMgEG7Yu0p6X7WbNmoU+ffrYxIeo8+J3BZ63PgjcPtcY3327PrZU
-Jl8E6nouGQP1ikHnq9vFbg0nkZAGYrLPPvuEAQMGhCWXXNJEAy+QQTFt2jTzqF9++eVw8803m6gg
-InUdMAszae4+YLjllluGnXbayTzoN954I5x22mlh7bXXDkx07pjAG6aI+b777hs6deoUnn766XDu
-uefOl7euzKhjwoQJ5pUz2XLXk0bw61q/8mdHwMdPXWqoEuKoS0HlzQcBvLgvv/wyHHXUUWGHHXYI
-rVu3DmPHjg3ffPNNmDJlil3g3Kr37NnThJvvF110UVh22WUtLl2qFz6QEPDapvqUqa3tZL6a6qrp
-eCl7lCG8gbeMWJO4EznkkEPCgw8+GPr27Vsp0uSFDRMgefGaKUfyum0j9hbfX4orx4ljk0488UQ7
-V6+++mq46aabQo8ePcqeK/K77VJ2Oa604BKQQC+45848Z8R4/fXXD5tvvrmFNL744gvzkt98803z
-8hDwlVZaKey3334hCmeFDTfcMAwePDg8/vjjduFzW++JvCT2cdHHtz1P8tPzIC54ev6Akgds7HPx
-oJzn5VgpMUHkXKiwRWKb/eR3+5T3Y3E7br8u7TdD8978joNN6sB73XbbbcMrr7xi4kzfvF3k8Tax
-L94Ojnmi7djFHvn4Tjv57u0kL/u9/qWWWsrODedy0qRJNgl4n90un2n7G7el7/kkoD+WlM/zUmOr
-EAQufsR2jTXWsNjzxIkTzdt78sknzUNeccUVw/LLLx++/fbb8Le//S0MHz48tGvXLmy00UZh/Pjx
-laKCMCA+X331VXjrrbfs2Lhx4+w79jmGUMZFyIWTuCtleChJ/XjzTA6EBBAQypAXQfrwww8tL+EB
-9iXT119/bcexw3FePIDDPvFzPFy+jx492uryyaU+7U/WzXayf4hit27dzIv+4IMPKvvjZb2NpfpC
-HvpPW+Hx/fffh8mTJ4fvvvvOtplY8b6dD7zeeeed8O6771o/6Rt95zV06NDKtpG/ofrr/dBnfgnI
-g87vual1y9q2bWsXLRczQoBg471ykfNCZF577TUTOUIcrDYgxIHgISLk4QHj3nvvHVZfffXQsWNH
-q3vMmDHh/fffD3fffbc9OEMY3AtElD755JOwyy67hHXWWSd06dLFJgzCKgj9E088YQ8niYcTU+X4
-BRdcYF7pCy+8YEJLPdhDCBGrk046yeK5iPDzzz9vAk389w9/+IOFbR544AGL8/br18/afuedd9oE
-RVgHb5MYfE3tj4twEjB9cgGkHz/99FPo1atXWHPNNc32M888Y56thyKS5ePbTJ7w4c7m6KOPtpAF
-fUSIEekXX3wxvPTSS2GFFVawejhnv/3tb81E+/btjQnn6IorrjCRvv/++82bJpzC+WIyK9ffu+66
-y9rJ+aquv/H26ns+CUig83le6tQqPE5EA6FGoP75z3/aJ7foXKCIwsorrxweeughEwU8WC5eEuLI
-Ng+4ECIEwD1cxAkvnPjr5ZdfbiJLOV54dWeccUbYYIMNzCtH7LFFeVaKrLLKKuHWW281kaIeb1ub
-Nm3My2ZCYPkf7XPRp41MJggjnjmCtvTSS1sseNSoUfa9f//+Vj/1IfBMIuQ777zzLB/fq2s/balO
-tPwYfeROZOedd7Z6ie+//vrrJo6Ib3V2mPSYMH73u9+ZQNNORJU2w4c+EG5iBQjxbfazDBKRJpGX
-F6GO3r17mxf+2GOP2URH++hfQ/XXKtRbbgk0iQbGwNy2Tg0rS8BvqwlZcOvMBb/IIovYRc3F/tln
-n5n3yzHEES8TTxbvlvAGQoaQcEt96qmnWmyaCx/PDiF/++23TchYrsdDKsQeTxpRwas+8sgjLT6L
-WGHj4YcfDqwSwYNnVQNCi8Bw2064BM+dh24I38cff2zhDrxqBIfJBTvE0t0bxotmH0KPSBFmwS4h
-F+qjH4RTCD2cfPLJNlFwBxFvP8Lv7UcY77nnHrsTYCJxfg4Y+yxHXHfddW2CoV3/+9//jBUTzqKL
-LmoT0R133GE8qAve6623nrWZ9jwfef1MaqwG2WuvvcJuu+0WmJDYhg93Dni+nDPaRV4mV/rDOSKM
-Q39gxwoOlkZyLihPmCp5vqrrr58vlgyW6q/3W5/5JiCBzvf5qbZ1iAiC9umnn9rFi5DhrRECIDSA
-R4wwEh9GcPFY2eZCR/zwUrfffvuw4447mmDx4BBPGrsIwu23327Cj0AjIJ9//rkJCiLN8jIECgE+
-9thjLT/C/+ijj5rgEvtGhBDfRx55xEIqhEKYGGgvAsxxRJQ8tGnjjTcO3N4jwoRkEM3VVlvNyiLs
-7DvmmGPCs88+G1gCR7/wcGtqPyKFKFIvYkXf6WM8uUDTRtpOPvLfeOONJsK0FX7cjcAB7rySAg1f
-RJnVH+QnL6symLwoi+jjXfPgFpsIP33Bi2apHvFqhJ39iPVll11m4R3q4hnCdtttV2N//XxV1994
-3/U9vwT0kDC/56ZWLeNWGE/stttuMzHBc0ZcEKUB0Zro/fffP5x55pnh/PPPN68MbwyxI+HtIuKI
-L4LM8jtCCggJgklCNPDCEX5CEJTHE8abxSN/7rnnrAzxUrw+vGA8bTxK2kY5UlIQbWfsLenR+iHK
-IZ7EhLnN7xktFySsgnDzAK6m9j/11FNWlnYgioRKsFdTireX2Dfl6B+hDsQUxs7RbcEMEYUBQk2b
-8arhx+oZyvP50UcfWagJzsTo6Q+TG+EpwhweC8ce7SYPdRG75nh154v+xs9XbfvrfdBnvggoBp2v
-81Gv1iAWeM3cQuMF41EipnhS/ss4bpuJJ+PN8sAJb5vjeHEkbrV333138zTxaBEExADPjVtpPFtC
-EiQEA08YMUKIERFEgURbCLcwYSCohE2oB5vJFBfB5LHkNp42dfJC2LCHWNel/X43wSRUU0IkqYN4
-MVx5mMcPWLh7OOywwywGTL/iCc+c1RnsJ8TAHQoT5jLLLGN86AOiTciEB4iIMueHfhCvdw8dmy7S
-xNhhymRHvrr0l/PFT9Fr0994P/Q9PwQk0Pk5F/VuiXu7XIhcyDzc4heDeIyIJV4mooBA7bHHHiYM
-xGq54BESPEKEiFt7RDPpzbKNMBImIFGGfQglgpT0kjmGsPBjGcIgCFdNqSaxxiZ5fPJA+BG3urSf
-tiCS2KpNIh+CCsdrrrnGGCLUhDW23npr4xi3BUdCE4Q4vCwerHPzvPCADxMfE6Hnp02eJ94+9nFe
-6S8rcGp7vugvvErZjNvX9/wSqPnKyW/bC98yLjwuQOLACA9eNGJAeAMvDgElRIFYH3TQQbaMDjHd
-YostAkux8AaxgUggJHjR3P4nxZJtRIWQQjyxnxc24mVoC7fhiBXf+bFFqVQf4fAy1Edb69J++ojI
-way2yQWdkM59991nkxw29txzz3DllVdW6bezcNts4/2WSt4Pjnkf+B7nyLanX6q/Xp8+80FAAp2P
-81DnViCqeGDcxhJfxrPiwRsPnAhHuKdJaKNn5Cnzk2E8aR4eIjaELxBcBATx5YESy+YIfXDrjX3E
-CRFEbLHnnjLeKwnPPV4X+xAS7HF7T8zUV2BwLJlcjFx8ksfLbXt+wip4lrVpP30hXMNdRjnRLFUf
-4kkd3H0QHmJVCQ/qCFsQ8sCbdbH1JYqcF9rINnFn6oYnibzUTzgD759j5Iev20m2A1v08Zfob7Ju
-bf+6BCTQvy7/etfOxczFzcXLAzOEmoucWCYPovCeOc6Li5vkwkpZxMqXwHEMjxsbCAefiIh70ywN
-Q2AIc5CIayJaiA/eOsvdEH3Eijw8fCSejUfPigw8TdZS0xbs8OK2nnbRFiaXcl62VZh4o8/Uwy8T
-mUxINbWfvtBeytY10Ub6xkO8q666yvpFSIhQB31xcaV/cGVyIj93EOTjByk9o0kSIUaU4cWDQUIQ
-nBMe0LI0Mt42vlMvkyNtp7+s6mDJIon+MmmUO19p+ltXPsqfHQGt4siObaaWEQW8V2LJ/OgDwUQQ
-iTGzpIslaMSHuaARCOKoiAQXPaEMRBTB4iEWYoKnfcABB5gHTjlirwgHy75Y2sbf8sAWsWzW5/Id
-gdlkk01McPDGmRT4MQeisemmm5qA8Z22UScChXDwkJE6/MVEgfgRnkHkaGNNyfPUtv0sC6QNXq46
-+6Xy0C7ajmCyNpmJgfbiJbuY0n/WfrOkER4cHxCtpEGwicfDmSV25GOlB2LNj3JghkBzTklujzqZ
-uGDNPiYDVtH4+WKFDndMpc5XXfpbHQsd+3UJaB30r8s/Ve1csFzkLpx4VHhs3H7jySGgPPUn5swF
-63Fp1uLy4wi8WsSE23ZEk9t/X3GA8CD4/JW8zTbbzOz4j1f4oQm2KI+wkI/bb7w8hOfAAw+0yQCB
-/+9//2ueJCKMmNMeJhaEDKGi3l133dVWntBmRIkJB9FCEGkbkwKeJuug6St9RswQfyaL2rafPns7
-Ebx4oi4mNZYQUh+TCm0mTOMTB3XiFbOUjfg9L+40OA+0mSWH7EM06R8s4cMdDn2lDmwfd9xx9kCW
-fax0eT5aigcH2kR9W221lYWTYEGdxLyZMDmfDdXfeN/1Pb8EFOLI77mpsWWICKEFhIcHgXjPeMLE
-SBFVxANvEEFDHPD68Lj5GxY9I28aAUBUiU8feuihJrisTiBEgm3KIZqsOGBlCJ4gYoEw33DDDSZW
-xLL5exP8Ao8y5EfcEbt7773XQhzUhfjzwJKQCMLKD0y22WYbEzfK8AAPb5FJhtAH4kXiO/Z4IYQu
-rLSdY3VtP7zcU00Cpv1eH/XAjHo8wRLvFcHlByxMhv6g1VfSwJwljtdff73xIZTBj1+4g6FPMPWQ
-DoLOckRWz3CMvuB58+MWYve8+PskTCr8TQ4mJ1jV5XxV11/vlz7zS0AedH7PTY0tQzDcq+Mhn/8i
-zQUIccHzJGaM14tgurCQhxcXPMf5k5qIEzYRQhKCznpdBB0h6RkJLWU4jpjwB5EQMsQJMSNxu42X
-x4RBexBkxAcvlNtzhJv4M4n2Icq0nfwIF/uoE0+StiHYeI6UYyKiP9RHveSta/spUyrRb154+NRH
-6IGftPNjHCYHnxi8v4glbSFMxHf6Rrydbergkx+4IPq0F2bYJ8yCAPM3OK699lr7lWT8fOFxUy93
-GfDgGJMXoSaEmv2wqO35KtffUgy0L38E7L+8yl+z1KK6EEA0EEyEECFGEPDuEEUEgguav/PQMxJY
-jwm7fRcc8vEQCoFCVBFc9+Z6Rb9UxHMmD4kyLsjEVPnO7TxChpggQNSPmOBxIkxeDzYJfeBlIq4I
-OoLs4QLaScjERRwR5KEafcEL98kjTfu9bPKTdlIfP77B0yWMw6RF2+OJbfYzuZCX/pOX+LQLIrbY
-T38QcNZP0ycEmoebhDQIgzhTt085bCD2cECkmSxoD3VyjPNbl/PltvW54BGQQC9456xki100/SJG
-GLmI3dvloubi5hY8meJlOY7QkxfR58XxUuUQE6+PMnh75Eeo+U4Z8sQT+Unk5zjtcg+VeshPWb6T
-2Ebo2GZ/qcQx8mC7Lu0vZcvr41ipPnsZr9MnDHjxSib6R95kf8mXFGcvSxvoC5MFbYBPPHndDdHf
-uF19zx8BCXT+zkmDtIiLnBeJC5pXbVJ9y7lQ1bauuuavTdvJU9/219Z+ffPVp7+1KZPX/taXk8pV
-JaCHhFV5LDRbtRXKZIfrW66U95i0Hd+ua/542eq+17f91dlsiGP16W9tyuS1vw3BTDai/wpNEERA
-BERABPJJQAKdz/OiVomACIiAPGiNAREQARHIKwF50Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
-oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
-rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
-CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
-BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
-0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
-4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
-BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
-oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
-rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
-CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
-BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
-0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
-4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
-BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QnML9CNCs9EAERABEQgFwTmE+hGTZqGRk2a5KJxaoQIiIAIFJnAzwLdqFGYO2dOmPT2
-22HasO9CaPzzoSIDUt9FQARE4NciYCrcKBLj2VOmhhadFg1b33lzWOusk8P0Yd/Lk/61zorqFQER
-EIGIQIWbHAn0nOnTQ9OWrULXfsuETj17hJmjRwSEW0kEREAERODXITBPgeeGRo0ah7lz54RZ02eE
-WTNmBJ4Vzo3+KYmACIiACPw6BGIuMmIcyXLjRpFYR/Fo2tNA+oy9eGI7uS9+XN9FQAREQARCaFoV
-QuRJRzsQz6bRvybRao65c0ur9JzogWK5Y3Gb5CFvXJRnz55dZTueX99FQAREQAQqCFQKdIX/3CjM
-jgR1eiSgw8Os0HnC+DB3xkwTU4TWBZnPNm3ahGbNmlXuKwc0Lsyep7Fi247iV/nknHAOajvJ/iqN
-VKUiIAI/e9BR0CHMimLQbZs2C01btwnrbbhRaNFlsRBdxYbJxZkNLu5Ro0aFcePGhaZNm5YUabzv
-sWPHhrXWWiuss8464d133w1PPvlk6Nu3b9hhhx2s7F133RU6duxoQqFz8csR4A5mwoQJoWXLlqF5
-8+Ylz98v1xrVJAIiUI5ApQfdJBLdSbNmhh5t24UO3VuFjrvvHpq2amlroxFn94T5jii/8cYb4dFH
-Hw3dunULHrKgErwyEvmnRytDWrWKbEUi3Lp1axP1/v37h0UXXdREYerUqZY3+UZZUrxett023709
-yf1se4rnwRav2qSGKBdva7JOv4Oork3VtYFjpDifZH2l6qAc+bj76dOnj02So0ePrjaUlWy7tkVA
-BH45ApUCPSfynttE3vP3kyeFYSNHhfeffyGENq1C3+hC7t69e/joo4/CTz/9ZGENLvTvv/8+dOrU
-yYQSgZ4RrfzAa27RooUJB+Lht9GzZs0yYcBbI5Gfl4tIsruICC9CKHxOmzbNsuDxuXDNnDnTJgAm
-i3idbou2UNYnAfKwj3qrS+ShvUwu1FWbcuSjLzCgXXynrSTa4Mnz0R/aAQ/6mGyTt9P7nWwDNnlR
-lrZSL3mcDfVTlmPs9zrYjyAjzltvvXX48MMPA3cxnN9kG7zN+hQBEfj1CFSu4pgTCWqzaKnd2Jkz
-wtfjx4bHHrw/3H7bbWFMFKYgffPNN+H2228Pr7zySnjqqafCjz/+aBf/8OHDTZAXX3xx88wQcRcp
-91gRDpJv89338T2ZEBLEixDJxIkTQ+fOnW0ymDRpkgkP4RUEZYkllgjt2rULY8aMsTqx6RMDt/Dj
-x4+3ckwklGUb2+US5Wk/gte1a1crO2XKlGrLUQaxHDlypNmmXPv27U0IKUt93ia4wAsPlnzsp754
-Ij/9pr30m9fkyZNtn7edT/gQYqLuxRZbzOqhLYiy1wEfktfBcV6U9xcTnJIIiEA+CVRenUgo656b
-Rhdwy+ii7d5q0TClR5fQbN4FjEe4zDLLWHjCPTjEc6uttgorrLCCeYyI5g8//BCee+4581zxBOuS
-yI/QbbfddqF3797hiy++MG+vQ4cOZmbEiBHh6aeftpj2yiuvXFnnd999Z3UiiHiMCNeyyy4b1ltv
-veBlEezXX389fPrppybq9CGZyLPZZpuFFVdc0UIzHKePb731lnmbTAbxci7O9HunnXYyPggneRDF
-l156KdA2BJu2tW3bNmy//fYWFqKveLmff/55eP75560+RJNJhLj9aqutZu30NhDDx+OlDMzxgr/6
-6qvQr18/Cx/B5c033wxLLbWU8SP0RB3cCQwaNCg888wzJuRHHHGEtQch53yefPLJNum+//77xkqe
-dHJUaFsEfj0ClQJd0YSK9c94drOmToq80opYMccQHTxLLmCO48UiNmuuuaZ505999pnFmrnoEcl7
-773XyiBitU3kpQ7i1niFfOKp473jDS699NJht912M+FBrPGc2UdcGyG6//77rX2I1jbbbGP1I8gk
-BHvLLbe0iWPYsGHmxbrYImT0h4eXa6yxhnmgCCf9oNymm25qD9W+/fZbE0Mvh6BSbueddzZBRYzJ
-Q4ydNsAHDogudey4446BO40vv/zSPOJevXqFtdde29rMpIY3izAzSSDon3zyibGmf7QBD5w+Es+H
-DxMGkxFhC/IzidKHeB09e/a0Omjziy++aO3DKyesQbvgyCREX71ftT1fyicCIpAtgYRA11wZQoOn
-iQeHF0ss+uyzz7ZbbsT12GOPNZHBCyUkUheBpnZEzycBPMbrrrvObvOJox533HEm1AjNjTfeaJ7g
-kksuGY466ijzHPFQEZv111/f7Nx6663htddes04hznvuuacJMN4ieUm0j/oQPR5m0h9sf/3113Z8
-jz32CNtuu60J7gcffGDlyE878UIRSYQWoTznnHOsDG/HHHOMeeII4R133BGOPPLIQFsJEd1www0m
-2Issskg49dRTw0orrRTee+89azveM0J855132j4mno022ijsv//+5ln7JMQkiWf8r3/9ywSZc0Jb
-8aDx3OkDfWOSo12cD+q49tprbeJAuOnrNddcE1ZZZRUTaGwqiYAI5IdAnQWaix4xQDQQTW6zCXHg
-tRE7xYtEuNmuT3Lx45NwB54oHh+CiZfILT7fERxEllACDwIRWAQG4SE/oRY8ywEDBpgA8x2PEe8W
-IUZcEVnK8ELIHnjggYB3zV0A3i4eJfFi2kLowicb/6Q8Akq7iCkffPDBFrIgBowtJhjq6dGjh3ms
-5MN7JvSCt0s+7hCWX355azNiT0hmyJAh1sdVV13V2kAfCc/QBtpP/bRt6NChJvp40/SBycDrWHfd
-da3tiDD1cCfABEFeuJEfe4SS/GFjfc6XyoiACGRHoE4CjTBwYSNMiAnf8fh4kdgmDxc8glffFLeD
-wOFRuijySSiA/XjsbPsx8vkSPiYIPG4/hk3ahIdN2xF17gbYT3+whWARo0XoKOft8O/k9+Tl6Cvi
-ufHGG5vnToiEiQChx3vHLqJIPsIIv/nNbyptY4u+UL//8IfvPBQkL33kxeTz8ssvW17a6InvtIk6
-mHTY5rXXXntV6Xe8DsTeQxn0AQ58KomACOSPQJ0E2i/k+CfeHhc5whJPCAG38J43fqy2372sC6SX
-K7ef4xyjLXjfeI8II4LkQo2HiUfs4kwZjiGKeM2Ebohb452ykgKh33DDDS0P5eIJuwgpP8AZPHiw
-xeOJlXfp0sUeZCL0Dz/8cCUfOBHbjrOivbyIBeP5k7yt8e/kcWG1TNFbfJ/3sVwdHCdeTn8o5yle
-l+/TpwiIQD4I1EmgaTIXNBc4nigix0Mx1tIShyX8gDDj9XHr7N5s1l11wUGMCbOwTVuIrxKTdQHm
-GOJICMb7wTaiRj4Elf78/e9/t7ANq0jwjEslyuOxE5LYd999LaTyyCOPWJ8JexAPXn311a0u4uh4
-uYQ1HnvsMRN/wh60EWEm9YxCMxyHHR4+EwZ8qYeQEg9jmQyoI57oK/kI4Xgd5OHBarIO+o2n7rz4
-hBl1KImACOSPQFW3d772VYixX9BcyHhiLBvDY0SI+Bk3KxEQB8QFQePBF3FVxJoy8fJUwbbvS1bp
-YhE/Xu57vCx5CGEQn8Z7ZsLgVh8RRITxTo8//vhw0EEH2eQS92Kx4+1EJPk5OitE8KYJWSCA7nV7
-neRHoBFNHkqyysKX9BFXRlRpE2VJQyOPnNgvDyqJBXv5Aw44IJx44okWoqDteLmsTCFsxEM9Hkwi
-tKzsoF0IMQnb/qIvtI+7GeogjIIN6uAcHXjggVYHYsw5InGMcoRiOHdsK4mACOSLQDUedIUYE78k
-rsnFjDgjCsREEYN33nnHBJoVBoQTuMjxREksEUMcECiPlbJNQiiwi71kciEkD3VSH3bZTxn3+NhP
-4pP9vMhHXcRrWXmx+eab2xI8whrEgYnTsp4YkXJBog0IO+1HrHiY9tvf/rbygSICTF4mJa+PT8rh
-jcKBJYY8tGQFC5MD9liHjJjCgYeor776qj1IxD6xcY5RnnwIOvboG6s8WAfO0j08cPqHZ4+XT79I
-zsDcj1kAAEAASURBVAG2HKcsExAxb0IYyy23nLUFsY/XwYTCuaNuJi6W75111ln2K1HCOog7tpRE
-QATyQaBJdEEP5H9OmTN1WmjRuWPos+kmYdr4CWHwXXeHZksuHjp37GSCgHfHwy9EhIsYESIEgPgR
-ayacwcWPKPBLQ26x2YewIRKIHyEGbt+J0eKhIm4IoCeEENscR4SoE08U0WU/8V0+WQnh4s82HimC
-42uXESAEl/YgytSJl8jDPEQOT5dy8UR9eLnURX9oM21EWOkr/aRP7hF7WfLDAaGkLvpMn/wHOwg2
-7aA+8lGePLSBOtn3+OOP2wREPlZccOdBm/kFJO0gDPLss8/aChnKIcaUZQUNoab4pAUD6iBfvI4n
-nnjC2kBf4MPkR3vZhhX1cvdAP5REQATyQaBRtJRrbqOmTaL/4ioSz/59w1bnnhXGfvNteGyPfUP7
-6DZ7avSgjIdlfrHHL2Auctb/Io6ICV4uAu0XPnnx2hB2RM+FljJ89+VecRSINPaSdbKfuCzHEDi2
-SXwi4gggdZBoFx4nAkte6kKUEDK2432wAtEbdmg/+RBHRI7vtJE+VNde7NFvF0YmDyYjmCB62KVN
-tBHxRcCZuOgjfWJCoizH+WQfjPyhIbZpNwJOXaX40A/6UFMdlHdm9InvtA02pbg4H32KgAj88gQS
-Ar1M2OrcP5lAPx4JdNu11gxhVsUf1+fCL5UQFC5sDxvg2bHt+REAXuxzAUAQ4ttJu17Gbfjxuuyn
-DvLTLuqiXWwjluUSxynnZRAtkrfV21+qPPaxTVlsJDlQBvvw8nx893Jx2952JgaSi6fzwA4v37ZM
-895qWwd1ez+pT0kERCB/BCpi0NzVRhd8pESVf17Um+ri5NvJTxc8LniSb3u+UuVLCYvn57NUmbru
-9zpcfHw7Xk/yO/XSfi+T7Esyf3wbsSMhuKRSZbFPPkTU83k5KzTvzdtaF6ZevrZ1xPtJGSUREIH8
-EahQE7R5TnSRRv8fYbPo9rtpdOtrmh0iz7eWbc7rRV6fdtWnjGOqTdna5MFebfN53fHP2pStTZ64
-TX0XARH4ZQlUCHQkzo1bNA+zoweFIz7/MkwYPiI06xz9OcwyYY1ftomqTQREQASKScBi0NZ1vOjZ
-0R/H/+jL0KRr9LPhJbrgwhWTinotAiIgAjkgUOFB05BIi1lu13qNFUyY51bzMC0H7VYTREAERGCh
-J/CzQM/r6tx5D7sW+p6rgyIgAiKQcwJaX5XzE6TmiYAIFJeABLq45149FwERyDkBCXTOT5CaJwIi
-UFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUlIIEu7rlX
-z0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwERCDnBCTQ
-OT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMTpOaJgAgU
-l4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlIoIt77tVz
-ERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwERyDkBCXTO
-T5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUl
-IIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwE
-RCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMT
-pOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlI
-oIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwER
-yDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASp
-eSIgAsUlIIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo
-4p579VwERCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARy
-TkACnfMTpOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqe
-CIhAcQlIoIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq4
-5149FwERyDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwT
-kEDn/ASpeSIgAsUl0LRk1xs1inbPnXeI76Tktu/z477Np+9Llmnoba/T66vvdnVtLmWTfWkTLOLt
-TmuvPuWTbUhu18dmskzSZkNvJ+vTtggsqASia4PLI5bmE+jGTZrEDuurCIiACIjAL0VgzuzZVar6
-WaAjr3nOrNlh5Pvvh1lRFny7pK9TpaQ2REAEREAEGoQAWosYd15p5dC4aeQkz61wpU2gGzVuHKZP
-mhw691g67H3qTaFFy5Zhtil5o2DRjnlyTZmG26ZfFY34+VZ/rrUr6zqoOV5n3bbJPTfiUBGeqOBY
-0Y+I1s89ikUvfs4zj2eUPeqptcHMJLepwQo5/3LbnA9vx7w2VG6XbufP+SuOw4Ei5ds4r47KNtZy
-u7IP1ON1VLSx/La3qaKOn9tUdTuyRsaKxFfMxnbNO6IPEcg3gXnjlmu9ceMmYca0aeHxm24Oo4YN
-Cy3atg1z58wx0bZOcJHOnjM3TJ4xI8yIBJuDFWpsV2ZFR+0iiN4qrpx5F0V8mwzJ/BW7KiqpMGPv
-NI5kglJdmVrarLRXYdYu2nlfYwpUsednRZq3HX14efbMq7Li4LxtNjxPyTbHOczL63b49FTFRrSz
-LEsKJGzWZduKz2tAlTqjjcrtlHVYv2J1JLfnmZ+/H9GBWrfBjFYUoEySPXUoicACTgAneebMGWHO
-3DnREPcxHw33VVddteJSQSiiTHPatY0+owx2Mczrdfy7g0ju+zW2aYv3hfpJvs33hmhT3GayjuQ2
-eT35MbaTbYrv83y1zeP53UZym/2+z23WddttePn6blPObTRkG9wW9pVEYGEgwHUSOciNJ06KPt05
-rgh7VHRvnlfZZOy4ny/whaHj6oMIiIAILAgEIpGeyyKNmAf980PCeR2Y2zTahZrjpfhnuc4ljye3
-y5X7pfcn25Xcrqk9yfzJ7ZrKlzuetJPcTpZLHk9u1zV/snxyO2lP2yIgAtkQ8GvPQ57zaplPoC0m
-6reQ/lmuScnjye1y5X7p/cl2Jbdrak8yf3K7pvLljiftJLeT5ZLHk9t1zZ8sn9xO2tO2CIhANgTK
-XHv6JWE2uGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
-ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
-E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
-IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
-CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
-REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
-p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
-IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
-XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
-UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
-AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
-AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
-BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
-QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
-AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
-NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
-BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
-KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
-DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
-VQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFIT
-kECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMi
-IAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJ
-dDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQRE
-QARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECn
-RigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIi
-kA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
-ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
-E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
-IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
-CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
-REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
-p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
-IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
-XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
-UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
-AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
-AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
-BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
-QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
-AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
-NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
-BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
-KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
-DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
-VQREQARSE5BAp0YoAyIgAiKQDYGm9TXbqHGk7Y0aVRSfOzfMnTOnvqZUTgR+dQKNo/HcaN54nhuN
-5zkaz7/6OVEDQqi9QEeDtlHTpqFRkyYmxrOnTQ9zpk41ho1btQpNWrYIiPbc2bPD3FmzfhZvURaB
-HBJAhJtG47lJNJ5nR2N2xowZYeq88dwqGs/NmzevPDYrGs8u3jnsipq0EBOonUBHnkXjFs3DzAkT
-w7TPPovEeJHQevk+ocVSSxia6T+NClM++jLMnj4+tFxuudCsfbswZ8bMEKKLQEkE8kYAsUWAJ06c
-GD7//POwyCKLhF69eoUllqgYz6NGjQpff/11GD9+fOjfv39o165dmDlzZjScNZ7zdi4X9vY0WnXV
-VcuPOrzmyMMglDHpnXdCh/XXDz022zh06d8vtOncKTRv28b4zJg0OUweNTqM/PyLMOzZF8O4V18N
-bddYwwQaj7oyFLKw01T/ck0AgcVjRqDficbz+tF43mijjcIyyywTOnbsGNq0qRjPkydPDmPGjAlf
-fPFFePnll8Or0XheIxrPlMfbljed69O8UDWuvEAjztEt4Jzo9m7Gtz+GFY46JPTZdKPQrmsXG6Az
-oxDHbLzkKDVp3iw0a9kyGsBzwsQRI8NXz78UPrn6xtB86SVC48iGQh4L1ZhZIDvjIQ084REjRoSD
-DjoobLjhhmGxxRYLxJ+nTZtmXjKda9asWWgZjWfi0D/99JOJ9E033RQWX3xxC4so5LFADoEFstFl
-BZp48pzIW5g1cnRY9+xTQo9117aBPGbosPD9Bx+FMYO/DtOiW0BSy+gWsWPf3mGpVVYKHXv2sIE9
-7PU3w+vnXhyadukUGs+LW9eFEBfUwuap0CcufD6nT59eq/6Rl/RLs6hPW+tyfn/pvIgw3i+e8R//
-+Mew5ppr2nj+9ttvw0cffRSGDBkSxo4da+cGb7p3795hxRVXDEsvvbSN57feeitccskl5mnjhdf1
-ISI8aQPJz2kWDLD9S48V+kGdjG1i+ZrAGu7MlhboCDYCPW3IN2H9888KvTdcP0yL4nVfPPVs+PTG
-W8OMb4aHxot3DHPGTIxaEg28ju3DnB9Hh+Y9lgjLH7Jf6LflZqFlFLf7+uVXw6tnnBda9u5escpj
-ntgkm9+iRfSAMarTEwOZ15QpUxaqW0r69O6774b27dvbbXV8IHNhceETG/UEE/Yh5gz8OCPPk9Wn
-t5X4a79+/Rboiw5u9Oe7774Lp59+elh33XUDYYznnnsu3HHHHWHw4MEWf+bhIImHhT/++GPo27dv
-2HvvvcOAAQNC27Ztw+uvvx4uvPDC0K1bNxPockLLeGYywFunbvJhm09s05a0CVt4+ry8Hdjl9Utf
-N/SRvn788cc2rhkzCgWlPcMV5ZtEt20Dq5iKTjwPBCe99XZY6cTfh/5bbR5mRIP5/TvuDu9ddElo
-3bdPmD1rpq3a6LDGyqF1r25h5tjIk27RLDRfokv46rY7wpwolte5X9/QsVfPMLdN6/DtnXeHlj0i
-kS6zuoN4IBePv/Bqvvnmm9C1a1e7pcRbcXHywejb8bZXd4x8pY6zL26rpu1ydnw/tpL1uE1E4YAD
-DrAHT59++mlo3bq15eU4QjxhwoTw4YcfVnKABxyw2aFDhyqDPlkH9XvyY2zH+5Y8XuqY55k0aVI4
-8MADw3LRQ18uPG+rH19QPmHBpPf222+HY489Nmy22WYmYPfff795xD169Ai8EBU8QISUh4Z4zqzy
-uOuuu+wYYk0+8txzzz2he/fuZSctxvMPP/xgNpiEiW0j7t9//71NBM7dz5Nvw5R98e1S+8hD295/
-/30bH8nrpkuXLjaesrxu/PzTVsJDnTt3Dvvtt5+1n376naLn02f9CMw3lRN3njl+Yuiwwfqhz4CN
-zJP+4slnwsdXXBU6rr9emPH98LD8ofuFzS85Pww47aQw4NST7Dv7OEYe8lIGLxwb2MImtj0hSO5B
-PvHEE+GTTz4xIeATL/OGG24II0eONE+HwcigxFtgsCMWeAo+wLHJQOHi4njcC/X62Mcx8pCXsrSB
-gURim/1Jb55tr598lPE28N2Tl2Uf7aOc22Sbi56HTr///e/D4YcfbqsEfBCTl35vtdVWgVtpvvNC
-rB9//HHz+PDy6IO3G5u0AybJhL14X+PH45zoVzz5McTqyy+/DH/4wx+srdz+O6d4/gXhO31ktQYP
-BIk5M26ef/758M9//jOst956ds4RGO5Q8Prc82UfPMhDXrxtymIDW9iM8+MY4xk7zz77bLj22mtt
-UiDG/dprr4W//e1v4YMPPjB7n0UroThHPl7dC6Y+OGPLE9/ZxzFPbDMJXHnllXbNMIHGrxsmV+66
-GIuMl/peNz7WfLzTFvaR+GSbcc2qF1a7nHnmmTYBMnbom+f1duuz7gSqXqFReVZtTBv0WVj2rNPt
-geDoIUPDp/+5LXSIYnbThn0X1jr9hNB7g/VCdHYqf5zSssMioVMUe263xOLhrb9eZnkps+Rqq4RO
-vXpGKz82CR+cd2Fot/batk6aZjLgGNDM8uuss44NbAYdgw+BwHtbfvnlTZyIFzJIhg2L4t/R7Exa
-eeWVbZAzEF248FJIDBo8Py4yEja5OHydK/YYtDwswt5KK61k7aEtgwYNMk+Ji482MtgQQ7wSLqpx
-48bZxYFd2ke4gnq4xaNsnz59Ko+vtdZaZoML1BN2Xdj9oqMt9AOvjba999579nCKdiMG9BUeQ4cO
-tQdVeNqwInG7zYu+YY8ylMceCXskhANO5HFOeIQsLeOWmHbxSrY1LhZmaAF7gzVL6U4++WQ7h4yh
-22+/Pay22mrGKO5lxrsGJ47BkbyEQhgnMGPlx8UXXxw4vwg6CU6MZ14whyXpmWeeCaeeemo48cQT
-wxtvvBH++9//hlVWWcXEi20S3vhSSy1lMXDO3QorrFDpZDC2cFh8H21ivJAYF4xzJgTay10WDz+x
-t8UWW9h1xXioz3VDPYz7+HiPVnxZu2gTAsy4YbIjIcb0eUEfL9aZHL3NJ9Bz58wOTVq0D4v172cn
-/YcPPrSY86wpU8Pyhx9g4jwnOhlzows+ylDRlWhQIuwI98SDR4RPr785zBk5LlC2c+9etiwPm8lf
-GzKoEA4GNbeg22+/fSUavJZjjjkm/PnPfw7nnHOO7d9hhx3CCSecEPAQbrnlFosTIojDhw838Trt
-tNMsLPLmm2/aRbj66qtbOQQJgWMbQcabQfC32WYbG8h4rQwwBHiXXXaxmCQeEoN0xx13tIsU8cUO
-Nv7617/ahclFyz6WYGFv3333NYE744wzbA3tfffdZ23EE+XCpk9c8O5ZJD+pj8H/r3/9K1xzzTXW
-9kMPPTRcf/31YZ999jFvlvLwGjhwoE1kXCAPP/ywiQWTBO3hIkVUuPX9v//7P7tgl1xySRP9r776
-KsAJz+7JJ58M//vf/ypjsgiBtxXvzEW+8qQsgF8QUCZs4uiMN7xNGOAUwJp91SXKI3LcwVC2Z8+e
-ZstDTvGy2EKgsOvCfdRRR4Vzzz3XHAQmW0SOCRYv2s/DU089FbiLZDxuuummVg/CyPjAMRgQxcAJ
-iXFH6c4I9TJeGPtbbrllZTMeeuihsPXWW4ftttvO7BAiS143lOEhKA4Kd0fJ64Y2Is4+ti+66CJz
-ABi/THiU5XpgDJ1//vl2N0HMnnGp1LAEqgg0IQl+Idh6hb6hTaeOYWY00MYMHhIaL9EpNIlmx26r
-r1bhOUeiSt7KFA1MW+/cvHnotsZq4Yvb7g6zojKUxQa2sDkr+t4kyhMXagY0A5sBQdp1113NY0D8
-CAUQ+yOxzGmnnXYyccbDJpaLWOOFMGDuvfdee0CBsFJu5513tgc8lL3ttttskHIMj5dYGYOQi/SI
-I44Ip5xySvj3v/9tn0wGfD/++OPD5ptvHhicL774Ythrr73sFu64446r9BIQz0svvdS8KS7E8847
-zy4+vKEXXnjBBBkPaoMNNrD9tB+PlaVbJA+38EmCAy8Xbva5R8LFSNp9993NG6MMInDYYYeZmHOR
-UZaJi74jAt7X3/3udybWLBMjftor+lEGIkL7mQh4cIb38/TTT9stPD/QSLbVKl/A3mCHA9AzEtVF
-F13U+swPUDgH8IRXTYk85KUMYgY3VnnAENt4s35usMV3RIx8JCZznqkwsTNpcpyxjqccPw//+Mc/
-TKTJ/9hjj9mETHnG9SabbBL2339/cyA4p+6d+7VDPk/UzfihHsSZUCHXFE5N/LrBiaF+xgPrwEtd
-N6x2Oemkk2wMMjFw3XAngEOAI8PYZwJhMqG/tCvOwtukz/oTiKlsZITBOHVaaNGls/0IZXY0AKeN
-Gx+t1ogu9uWWMaE1cS01sKN9HGsTDd52yy5jZSjLWml+0NJisc5mmzqiEVTZYj+hPqB5eMMtGQ90
-GBTcyuN5IDqvvPKKhQF+85vfmKeMiOIFMJBYEkV8F3Fk8JEfT2K33XYLe+65pw1+jjGouF1k4J51
-1ll2gW288cbWHurh4uHWlTQg8lzwlKiXRD0s09p2220rRZDbVxIPADt16mQDlH3cUl9xxRUWk2OC
-oE486rgHhHhjG2EkcWFx0TH5kJf4M6sG6A9eP+mQQw6xOvDaEQ3CHggtibsE2DzyyCPG4fLLLzcu
-TB4w/fvf/26ePBMYYo0XxzESt+xMSEyMxBMRBtq6ICfElXHFAyzucLjDYCkdk5uPu9r0j7yU4dxj
-gzGCTQ8r+YTKJ3dh5MfrZjJgH04GIshYItR22WWXhZ7RpBE/D0yi/CCGux4mdE+MRR444mEj6kz8
-jBsSHit3Bw888IC9GEuEX5ikyY9TgTj7dcM2D965bvCiEd9S1w1lmNAYx9xxUsb3/elPf7K6zz77
-bGOADa41QoGMF3nRhqfB3qp40A1itWanpEo1DHwGPQ9jGLx4JOwjrspARFS4hWPG5oLAw8UbwMvj
-IiFxK47nsHYU4+Y2FKE58sgjK70GBg3izK0eA4tbN275KYd3QxyPtOyyy9rDFuomMXipB6Hl9o6l
-Vgimx3/xdghHXHDBBXYR0A+EFWEk4flgHwFF9PDU99hjD+sjbf/Pf/5jXgdCwndiegg0ng0CSp8Q
-A9qPt4Yoc4HwQAg7eCyjR4+2uLcvHcOrpv3wIi93GLSbOwZilmzjwTMJ8OALZtwVMDkhDgcffLC1
-lYuTiW1BF2k7Eb/QG+cRXowrJnc+OW+EjRgTTBKcJ84F54GQBZ6xnwfuCPFOET3CZZxLPFQmeMJ9
-OBuMBcY/55/vXCuMUxLfGT/sJ+HZMg5ox8AoJIaXHL9uaJtfN4wprpujjz7aHlTjvCDShLpoI2OD
-PDgaxNiZcAjNeCju6quvtvGu8WLoG+ytqkDjwbVqGaaPHBX4+TY/5+YBYONF24cJg74MkyMPgu1o
-BJi3XaUVUVnCHpNHjwkTBw22tdHk5VeG00ZNCPy9Dv6oknnP0UD2hLfBwGbw4OUhSAwoBIv4Mx4E
-A4EQBzFqBhhCxsD1B4YIH7dvDGrWreJVM2Dc88UG3iWeBZ4ut5CENkgMOkIdiBTeCGEKhI0BTdwY
-D5XEAzzqJdbG7Srt5jtt5aGMe8FcJJ64HeUiISGaPKzy20Ds8fIBzW0zHLgo//KXv1j7KYdgMglw
-C0zYgYv3qquusgsLcWaiYWKAB7erXDyUgR8XMuzwuvHWqBuBYBKhLl7uEeLdlWqre4e0ZUFLtB1P
-Fk5+h4PoMNFztwPrmhI2ED3KcI5wIBirrFzgXHMcjp4YI+SBJcKGt8w45hkL45FxlzwP2Oc8ENMl
-VIU3zd0fY4sX+/iRDOOMNvt5Yuww1j0MSBvuvPNOC3sRs8axuPnmmy0eTZnkdcMknLxurrvuOhNj
-HBrEm7tS+sd459pkUmFS5xh1kxBrd2psh94ajECVEAchCv4q3ZRPvzKh5efbHfv0CnOGjw6zp0wL
-373zXhRkiwZkk4oVHAxOeyGy0b7oLFoeHihShrLYQLSnfDLYbMfjz/SCAciA5ddcCBBPnxFiBjW3
-azzAQ4AR3kcffdQe2vE0Pb70C1HiYR5eBTM6Awqh5ZYOQWLJE+EAvF/qQcB4mk4ifED9xNe4hUX8
-EF7CGFzMrDUlcVFy4WEb4SMvt7PsI96LDRI8PHF7TR4SA5rEhUgZbld5mo/3zgsPHQ+L8ggBiQdG
-/4mElltc4uwkBJpJCh54xIQzsIcAwYuJCe+bhzdMPkxMMMHrRwiYnIhjwwfPDm7E2akXO6R4W+Pi
-YwcXoDdEBRFjrBDaQKzhyPmFRfxcVdct8lKGOxtscO6xiW3qiCcEFH4IMuMVcSUfY5DEWIEp54Hx
-ymTMeWDce+iC0BNOA3eVLM0kUZ4HnYwV9pOww4tJmrs1ko9r+sm5Z5wwRrh7TF433JElr5uBkWNC
-rJwxjofNHSshEa5HHj4zcSDMsPOxzdhHuGvL0xqqt1oRqCLQlGjUOPrzi9PGh5+iP3wE8CVXXTn6
-mxpdQ8vuS4ZBN90ehrz6WmjcqEloGg06fsLNiwd/jaNyQ159PQz6z+1R3qVCs25drSw2sDV7ejQw
-o4GeTAww8jDwSYQziMEhrJ6YnREPPBA8AzxlBBexI/GQiyfzeLGsoOC2DO+VgYvQIrJ4JQgRT8oR
-W/c6iN+xzQWBaJKoh8HLAORCIhEP5sLjYuKi4QEMt4MkPFe8Hy7W+CAlZMOFgtfEigkmIPIx8EkD
-BgywevkkeXnElsStL7eaePJ+oeLpEjZ56aWXLA+3yyQubmKBTEDElYlZczHhOXFh0jdEBu/n+Wjl
-B7F4RIaJiYSAsyKGPtFWJkna6owt0wL4xjmDATFSzg3hAPrpt/c1dYny5KUMZbGBLWxyLJlc+Pkk
-EcvH+yU0wDjBw+U8MN78PHCXxl2OT/LEjxk3eKassiERB6YMLx8v7GfMMIETmyZxJ0i7eLBNe7HJ
-eEb0a7puPIzHuKHd9GGz6Ic9iD53cLSJ8cExYtgcI2EbZ4JreEEfL9ahHL1VjKJYg1iN0XLZ5cLQ
-514ME6NZkb+tsVz08+1xb0drlHt0C29eeGn44N77w6ivh4TpkbDxGh19/+Ce+8Obf700tOzZLcr7
-dvRjlv2tLDawhU1b6RGvKxrsJDwMH5x4ncze3FLywmvgwSGiRByPMAGxX7xNQhIkBjFiQh48F2LC
-LANiyRHCyuyOR8kxwiJMCtgkxIDwUY6EIJIefPBBu5XEU8IGg4/wCBcYng6TBIOSC4V9rENFOOmH
-e6FcSDx4I2xDu4mNc7vLLaVfvFz43EH4oKZdDHImHMSTskw41IVnT0KYmXR4AEUeLhomkoMPPjhw
-e0pfmYi486Cv1EV/SExcMCMPx5mc8LrxmFgKBgfEhLZyQcbbagYWwDc8Wp4twI3YO2ECliwyYcEN
-PvFJ1bvIPo6Rh7yUoSw2ED9sJkMklOEVHwc4BEyynAPuXPCYuXthvOCJch4Yi3jA3Bkh5ITzCMtw
-HXBOmWAJT3jIw2PM1OWrSxB5hJqxypgljIXDgiPB+GOcJ68bJoLkdcNYY7LHMaFdeN6Uxdng+Q3X
-I4mH7ITVEGrGCw8RGb8+/vmulJ7A/D/1jmbkpm1bhwmvvR6aRwOy63L9w6Ldlw6zo59sfxMJc5v+
-/cKPz71sovvjoM/D0JdfC4NuuyeMfOOd0KLbEmHsG2+GFY47Oqy48472l+wGPf5kGHbL7aFVn97R
-2unI45134vwCQJgZ0KzB5UVYgWOcYC4AhBixRVzxivEYmMHx8rhY8Eb44QHrVHnwxkXFjy1YRcFA
-ZtCzbI7bfmwhejx4RPAY+HhC1MUA5wENXjdCxT48DzxL2sR+BA4xZVBzq8rFQ8iBi4q6EFzqpk3E
-OBFIJg++49Vwq/l85L0irvSVi9S9ZhiQhwuRQc+LBzPcJvNwiNSzZ08TTtqDkGMDr4e24NVhmwnD
-+0qfmBTIwy/gWKFB2IMQCtwJ73BnwYVP+7kosU07qBd7tBUGCPv/t3cmQFpVVx4/LCoNNPvWbAJK
-WAV0ABHBIEhSkSRGxolJWRqFEU3QWJNK1DhxRK24JGPKiktM1SRWxZpEJ7FcaibgFmM0ImFYHIMR
-BG3WZmm62UEBM/d3Pk77+vFtvdB83/vO7fr6vXe3d+//nvd/5567PNql2Bz4YjtlYJgXMoO19MgY
-OIWAwMqImjZHfsAGokH+IFAG6Hgp4o/cgSMvRmSBNLh08my4IZcM9JndmxcoRAjW1g7YelEIiMsK
-UsYMkFV6OpAibWSOOlE26gWRQ/TICzKArCOT9JS4B+XnuSF+Ps8N5kSeK0wp3BuZRl5QnFj2Trkw
-sVAf7PCEYT6CsOnFQuTILfgWo7wYxoVyzL5ZUuXG1GZJYQHKoUACq19KbZZ0ePN2adO7mxytZbOk
-YLPsGjZH2VYjp/bvJSOuvkKGsVlSEIoP/rw4tVnS4AGpuc9pHnAE3EwL2JKjQk/eNDLkhfAiAHFH
-Fx+yIgzBMgdp4k/+CDddf3MILAIIGfJwIlAIOJok94OgeLhIS5kQUs6Jy+h71KEpU2a0fR4ISIDu
-KGmIjxaEf9xF62r35GWSro6UizJBohAIxGwO4iQdhMGLgzpF68qDAhb484KirvzMsRoSnMgX00qu
-slq6YjrSdtSPF6ZtloRZixcQL3cw5wVsA7y0JdooZg1suGil9CYgeXpnELy9WOM4cK+oPCMHkDD+
-yBSOlyUvPu5hDnmE7FAKFgQ7MAoGYyZo3BAiZTKHvJCn5Wf+dkQmkXniQJ7pZMqeGxQbiNYcsgIO
-yDRyEZd3k1vCIH9wiDoGF838SJ3dNQ2B9AQd8sRezF7QR6prdbvRQeeGZcvBb2fYbnTLyv+TnWvr
-bzfa/cwhanNmyTcDgZVLlspbd4ftRrt3Te0JHWvIaLHRBCAfhCpdoxpJQ9SEow3gxzmCyzlkSDjn
-ON745IlDUBEoHGkQPsI5t7zRmCAxcwgp94mXCX/IEke43R8CoB52X8ubfCkb18THIdR2f/UI/ygH
-+ZI/cc1ZXNLiz32MUElDXagf+REnV12z4ZRvWa1sxXQEN+SBHhMaJkSDHyYAuugQJkoADqLkhYcN
-F7MGbUAPDvMPvR4wjhNTFIu4PNNOJh8me7ShySvtipyhMaPlQuCYUTB7oAmThjyijmtry6g/dUQW
-cMThHg15bigH9zMZNHknL34m75xTB2QGRxrkl/SUwdJroP9rNAIZCTq0RmrD/gD8YTZI+uYcYeOj
-8mB3gj8OhwUtR0IYrm1opFPC9LyQRO3WumH/o78MGnUfaR3CMu1i1+hSe0JHoIEIQCgQK0SCSeDq
-YLOHCOl1QCaQGtouDkKD/HD0yrBfYxemZwQhnQgCogy8IHh5cI8FQYvG3AEJnoj7aeX8X8EjkJmg
-KTokHd6KMLJ+8mrK+TLowgt0n44OPbrJqaHLjGM70v3VNTpbgwHBXW/82T95pcj4v0JCAJJGy4MM
-MQ8wWwiSxsaL1owJCIepB7JkcAxybqlPXlE2M1tg1qKc1nMqJBy9LC2HQHaCtnIEQWkdFpywZSg7
-3dV9NLbXsZV828NHY8PcaabntRsePhrb2T8aa9D5sfAQgPjQUrFDRz8ai8aKwyZbGQZYMYcwqIj9
-OZ2ZoblrxguElwTmEF4SXLsrbQTyI2gwQpsOXUQ0ana8Y1Ml9u3AsfqQBS6tWoewYAd1k4bC4v8K
-GAEzeaC1oqVi3rCBOOyumDksrCVNDEbKvETcOQJt84YgCIySbxBmHItT2hyz00Hefz8SiFmOLZ11
-4cobVo94chAw8wHkjEOjhpRxkCT+FtaSZNmS99LK+r+CRiB/go5VI75kOxbsl45AUSGQbVZGUVXE
-C5soBI5bSZio2nllHAFHwBEoYgScoIu48bzojoAjkGwEnKCT3b5eO0fAEShiBJygi7jxvOiOgCOQ
-bAScoJPdvl47R8ARKGIEnKCLuPG86I6AI5BsBNJMs2MDofobzycbAq9dMSLAfOFWrdAv8lttx9xm
-n2NcjC2d/DJnk83jCProJ0ekbZu2+gvLT7Kgw0qnbOHxpLni5wqP58d1PE1zX6e7Z0P98ikTeUax
-jKbhHNfYcNLG84jmHw3nvNBdINrwd+Ro2Gkx/NqE1avZnAk/y6fdOQKFiACKA3JqshotY4Sg+TDk
-EenapZt+KSGX4Ecz8XNHoKUROBq2G+DLMLt21ShJR19fVhYEnhWCtt2r+fvRESg0BJDV+FavlLGO
-oDFrtAmaM5+xKWuX2gvZu4SF1oxeHhBAmFmW3atnr7Dh0R7dmzmdrOIHObOnBmncOQKFigA9PGSV
-fV+iLkLQYSvG0F3kxx4ELtBRmPy8kBBANpFRiNc2NIoTNHEQevxdlgup9bws6RBARpFVfmw7YPJc
-R9AkMkG2wHQZuZ8jcLIRMEGmHCaz8TK5DMcR8etiQSAqu/VHTmwsqVhq4uV0BOoGQB0KRyB5CNQn
-6OTVz2vkCDgCjkDRIuAEXbRN5wV3BByBpCPgBJ30Fvb6OQKOQNEi4ARdtE3nBXcEHIGkI+AEnfQW
-9vo5Ao5A0SLgBN1MTWfTvWyKjF03Nfvmyqep5fD0joAj0PII1JsH3fK3L447tm7TWlqHjXniq3yi
-pWdlG2RKnLZ8/TxMOD98+HA0St054bh4fqRh4YU5I3viOVEbKn5sLgSQL5MrkzW7jt4jU1g0fTy+
-5WNpo+GcW3jc36/rI+AEXR+P464QsOod1bJ/337p26+vkm9cuFixtnHjJjmw/4B06lwue3bvlfYd
-2kvfvhW6KiiaKWk3rN8QvFpJRd8+SuT48RI4sP+g7Ni+I6ySOxLI/Yh8cvQTKQ/59e/fT1fFsXou
-k8BH7+HnjkAuBJA59n5AnpBfZIujKRrR9MTD2VfPOUdpIA1+UZkk348//ljzQhHhPP5BXuIQZooK
-+blLj4ATdHpc1BeBra6ulm/fdKMMHDBQfvGLX0hl5Xrp0KFDndAhnDU1tXL55f8k0y6cJp07dw4b
-+OySP732J3nmmWelW7duqi0QD42a9fb3/ei+4PeJPPzQI+rXvn2ZVG3ZKrO+eLHMuGiGCjzCu3fP
-XlmxcqU898xzUhbi8DA4SWdpMA/KCwEIEnk844wzVD7ptUHCVVVVsmPHjjriJB7PwKhRo1SG161b
-Vyf3Z555ppSVlcmHH34o+/fv1zTIZrt27WTEiBFKzBs2bJChQ4fqhlVG4uTJ/bjPpk2bNAw/d+kR
-cBt0elzUt1XrQL47a2XkyJEyavQo6dSpk3x06CMVWiJAolVbquRb86+XedfNk4EDB8qhQ4fk9NNP
-l2vnXSvf/Nb1sm3b9hCvjcaFyCdMnCDnnjtRJk2aJBMmjA/51yjxVlfvDJpyf70X+ZSXl8uIkSNk
-7tw5cufdC/SBQmvhgXHnCDQFAQhx2LBhMmTIEJVLtFzkDTnv27evKg3IGfLWpUsX6dOnj1RUVOg5
-JIw/so9/9+7d9drid+3aVeOyiyBxe/ToIfihXKCcQOAcCXdizt2K/rRnwyi82BHEjz76WGMdDSYH
-SBuH/86dO2XqBVNk1qxZqhHM/9YNMvsrl8m3b7xJt8L80pe+JFOmTJad1WFLzKA1fBy0lKlTpqgW
-gnBOvWBqIPSPgqCm8vv4cOo+L730skyZPE2um3e9vPnmYjn77LNl7j/PlY0bNul9tQD+zxFoIAJo
-sUa6PXv21N7h4sWLZdmyZfL2228rYaIcINtmlmB3S9JAtqRBbiFjtG2InR4ism0b/HBNT5Fw4vLb
-u3evLF26VO/Dvf7yl78I2rWTdO4GdILOgVFKIFOkHOQ7jG6kEiDsu2p3y+TJk9XjxRdflLfeXCIT
-z52gR65x500+T00eBw8elNFnjZaRo0bKqlWr5N1339Wu46jRI7WLiJCzET0Ojbt//woV7J888BM9
-onUPGny6HDhwwLVoRcn/NRUBZA6SRJb37Nkjq1evDmMpG5VwIeT27dur9ovJrra2Vs/xIz6ki2mj
-Y8eO+oOsMf3Ry0RGSQPRExdHzxIzCj8I3PybWoekp3eCbmgLp+RNNQMEvE/o+uE2bNgog88YrMI3
-8PQBsnnTZvWnG0i3bsvmKpk+40Lt6qEVL3lriXb1ZsyYrtr2aaeFWSCaguHDMLoeztFYdoQBym3b
-tqngDx48SAci3cxxDCg/NAgBlA1IE/LEBozpYeLEiWruwFQBOa9fv17zRGtG/jBN8GEExmIwTWCy
-MDMHPUgIHq0ZBYQjcWpqapSITbPGb+zYsTJ69GgZM2aM2qUhaMrjLjsCTtDZ8akXquJ0TKZMuE45
-5diUuaAVMPD3Cb+wnysCjuOBQGsoK2snEydMlH379skv/+NxeeKJ/1RNY2LQjBHgQyGOaRV8auzo
-kaP6IBylexnOcaeGeOTvzhFoCgLI2Zo1a6SyslKzYewD4jznnHPUFg0BQ66QMZrvli1b9Mc5pE16
-wiFt5ByiR2ngSFqI25QInhMjccL5MZDuLj8EfBZHfjhprDZBCNsGQkY4sUYwNQ7NAVcWun54ntI2
-dBmDnbpdGOHGQc7vLHtPbv63f5H+A/oH4a2Rf739Ng1D4LH5YSa5945/D3OtU+o5D8Bp7U5TcoeU
-TwsaOIJOt5LvRbpzBJqCALKEXL7//vuqNUOYDA727t1byXf58uVKxJgvkFFme+AgX/yIj0kEeeTI
-ACPEzRGzBxo6pIyiAlHjh41bn5uQD/fnZwqJZu7/0iLgGnRaWNJ7YlvbWrVNBbC2ZpfO8LAu4fDh
-w+T3C/9bteJXFr4uTEPCbQymj90f7VASRiA7dSqXL35xlv4QdvywU+87WqOkT5ojYQ70lk1bZPmy
-FcFOPVIGBGKnm7lm9RrpWN5RHxTiuXMEGoIAsob9t1+/fjJ+/HjVkFEwMKFByhAuNmTMGpg8IFTO
-BwwYoD9IFz/IGPKFZDFn4MfMJXqLXKNVR8mXeBC9/Xg5kN5dbgRcHcuBEYKGgOEQ1ClTJ4fBkw6q
-GVRU9JFFC1+QmTNnyhe+8AX52c8ekyVLlsiDj94fZnZcrOaM3/9+oXzly5eGLuRZen3vPfeqOQMj
-M4tZbr31Fhk3bqycPfYfgmCnTBnlgcRnzJyu5Dz7H2frA7Bo4aKwAGaPTnViQCb6AOSoggc7AnUI
-IMtowtiLOUeW+DGdjrESSBSt18wbDGgTHwcRY0eGvDGP4I+ZA8InPvlg24bIo478yN/MHsiu3dfl
-OIrU8edO0MdjUs8HoUIwcfNvmK/EyNsfvxUrVsols2bL2HFPyDe+cZVcf/11MmfONap1oG3/6ldP
-yP88v0juuf8ufSCYXvTbJ5+WMePOCvz8d1n1zt/kkku+rNrMN66+MtiaU3br6dOny7Rp01Sg0TZ+
-97vfyX899Vvp17+fj4DXax2/aAgCEDIaMVPgWGQCsWJ3RuPFH8L94IMPlGwxV2zevFntyYyR4JBF
-zBeYQ9CisU0j52je9AbRnjmHoMnTCJm8mCoKGVMGnp2tW7fqTCbyxs9degRajRs3TtGBdAD2zDOG
-alfFQQsWhyBQdAGZaVERhJJBwFZhTw6Op5xyqlSGVVSvv/7noBnvlcGDB8tFM2cE4WZ+6Q75wx9e
-lXVrPwjadlkYKZ8gw0cMl8Vh9sa6dR+E6UjYqyXY5g4EU8gZauJ4e+XbQbj3yaTzztUl3q2DEO8K
-U5uWLv1f+dvf3tPl3t4t/FSIaRtIYO26teGllVpa/Glo6ow4TP3i6K4+Apg6GLBDk+a5h3zRhnfv
-3l1nT2awD/k3okX+mGZHGmzPxMVBzuQFeUPQELApMRC5KThWAvIjHlP3LG8LK+UjnIu9Psq9TtA5
-JIKHG8FlzjMOwWMQEDtxr149pXuPlK2O2Rlbq7YGLQTturX0DtPryss76DWmiaoQxvQ7NBcjWoST
-B2B95YYwgNhPX4ybg+0ZhzbD8u4eIf/yYHdmbw53nyLgBP0pFo05Az9I2swX5IENmR8vPsLQquME
-iuxinoDUjXjxIz5pzY/8IBr8o4Rj/nYvrt2lEHCCboQkAJrO3GjdRs0S6GJ0OZirjHAfCRsbcY5g
-RoUZoSWc9ISZ4ONnGl08jGsEH/OHunCwfFIe/t8QcII2JBp/NDmM5oAM4giz82h4pjDLK57G/ON5
-cB2Pmy5OKfmBR1yDdht0DglAwHROsqQGSuLRIWccxMsv7khvWgdhUYGNhxGOduLOEWgJBLIRZEPD
-MsXP5N8S9UvCPXyaXRJa0evgCDgCiUTACTqRzeqVcgQcgSQg4ASdhFb0OjgCjkAiEXCCTmSzeqUc
-AUcgCQg4QSehFb0OjoAjkEgE6hP0sdldiaypVyqhCLjQJrRhvVoBgfoEfWzBFVNjfHqMy0ehIhCV
-z+i0xWh5XX6jaPh5MSEQld26edAIOiuImMtr6/IzCX8xVdbLmkwEWPzDnHFkNp2c4mdEzgKiqNAn
-ExGvVTEjgLyyXgI5jcpzHUEjxCzLrNpaJRV9Kuot2SzminvZk4kA5Lw1yCorOdmDOx0B48ceE2zI
-ExX6ZCLitSpmBCBnZDUjQRPAcuTa2pqw6Umtnhdzhb3sSUaAZfZHVJh1aXyQ3XQOUkbpyKRlp0vj
-fo7AyUAA/o2TM+Wo06CtUJg3Pt3/oW5XCAsuqKPtUZb+8WS/jJSz8Ph1vDLpwvHLlj4aHs+P63h4
-c9wjnkeue6SLT9ky1StX/Hi94vEJPxHOltWTNz2+1mF/lE9rkf6Opjkj03aePqb7OgInBwEj5nTy
-eRxBU0SEP7or1ckptt/VEciMAEKdi5yjqdMJfzTczx2Bk4VANtlMS9AUNPUAnKwi+30dAUfAEXAE
-2mZjb4fHEXAEHAFH4OQh0DbdFpknrzh+Z0fAEXAEHAFDoFX4JJCNFZmfHx2BZkfABkLyzTgeP9d1
-vvl6PEegmBCITwAoprJ7WR0BR8ARSDQCbX22RqLb1yvnCDgCRYxA/b04irgiXnRHwBFwBJKGgBN0
-0lrU6+MIOAKJQcAJOjFN6RVxBByBpCHgBJ20FvX6OAKOQGIQcIJTkiTSAAALNElEQVROTFN6RRwB
-RyBpCDhBJ61FvT6OgCOQGAScoBPTlF4RR8ARSBoCTtBJa1GvjyPgCCQGASfoE9CULEu2z9ecgOw9
-S0fAESgRBDJuN1oi9W/2arL5VPv27aVr165y4MCB8HWaXbq/drPfyDNUBOxlyAUfm8DxFRX82dfc
-d2tUSE7oP7Dm1xBHu3jb5EasVVjq3TBkc+dZkjFMQPv27Svbt2/XD5oCRKdOnWTPnj3+AYQTIBX0
-Ujp27KgvQx72gwcPKlGUlZXpw8/Lce/evXpnJ4PmbwB7CSLjvAwb4mg7ngv/0k121Jygs+OTMxQh
-Rch69uypHyfdtGmTppkzZ46sXLlSli9friS9b98+1xhyoplfBHop7dq1U8w3btyYNdGAAQOkpqZG
-9u/f7y/JrEg1LBC5Zx+fLl26yI4dOxqW+FjsHj16KEn7NyMzw+cEnRmbnCEQRXl5uXTv3l0qKys1
-/ty5c+XKK6+UYcOGyerVq2XatGnqH7Z1lUOHDum5/2s8AmCO+YiX4u7du4WHfN68efKZz3xG6L2g
-yVVVVcnatWvlqaeekvfee08/gAyRVFdXO0k3Hvq6lJAzH5jmy+q4yZMnqxJiREt4vMdifpYW7fnN
-N9/U9JimLK16+L86BJyg66DI7wTBQ5gQqj59+siGDRs04fjx4+V73/uenH/++drt5hPqaG3z58+X
-hQsXKpHs3LmzwV3B/EpVGrEgZwgZosXdd9998rnPfU4GDhwo0a97Wxtt3rxZXn31Vbnppps0fu/e
-vWXbtm1O0opG4/+BL2YNeiaPPPKItgGE3RDHM/Tiiy/q89GtWzfVpCFvd/URaBiq9dOW3BUCBEmg
-qXE0cv7pT38qM2fOlH79+qnQvvLKK3LOOecoPsRz13QEwBHN2cj5mWeekQsuuEAzXrdunfz1r3/V
-rjZtRI9m1KhRMnToULnqqqtk+PDhcskllyg5G8H7NruNaxPw7dy5s8o5mvPnP/95NXOgEce15kx3
-IA96NKSdMmWKvPHGGwJJM2aQbx6Z8k6avxN0ni0KQfDgMyi1fv16TXXLLbfIpZdequYMwpcuXSo/
-//nPZcmSJaq5IWx0xd01HQFszobls88+q6YjyBqipueSzt15551y+eWXy6RJk+S5555TQkDrw9zE
-gKKTQTrUsvtBrjYgCI6cQ84LFiyQNWvWKPGmM1eQDi0bEsYcRXxekuSBIx/ieJvUx98Juj4ex11B
-vEyb69Wrl9qZMVN87Wtfk6uvvlq1ZEwdaHAQwF133aXpL7744jpBc4E7DtIGe/DgMgjLgOC9994r
-U6dOVU36hz/8oTz++OP6kKOBRR3mpTvuuENWrFgh99xzj0ycOFEefvhhueGGG1Rbw/zhrmkI8MI0
-+Yac33rrrbwztHQ8X+4yI+AEnRkb1dgwW6CpMQg4cuRI+e53vysXXnihatPYM//4xz/K97//fY3D
-jAFIxAZPyBpycdc0BHhBgitaFjZnHu7nn39eyZk2oUfD7Bl76LkbNmnMHGjbZ511ltx4440yffp0
-fakyswZzCYOM0TRNK2XppQY703oxWeAYD+DlGMeVeGjLmAUxkZiLxzN/P6YQcILOIAloBzzEpmnd
-f//9MmvWLIGEmTL38ssvy6OPPqpHskAwGRjEudApDM3yDw2LdgDz73znO4rzhx9+qOcQNsTNgiDO
-o47FKu+//75q3nfffbeOEYwePVpNUhA0JFFbW+sDhlHQGngeVT4wa+AgZxsMt3CeBzNPEce1ZlDI
-zzlBp8EJwaLLjKAxn/maa66RESNG6MP8zjvvyK9//WslZ5IOGjRI7WpoBgxAuWt+BGxAj0E/TErv
-vvuu3oTeDZpznJwJhBQgDRat4Gi3sWPH6oAh14SlS0eYu/wQAGNTRqJHcI2GkZv5cW5xOTcS59zd
-8Qg4Qccw4U2PvRnzxde//nW57bbbVINjbu1vfvMbwe6JYyYHDzmmD4TPH/YYkM10CTmbyYhBWh5o
-2sZc9GE3v+jRCMBWFJIHjjnpDFq5NhdFq3nOwTzeLtYO8TvE48XDS/26fr+w1NGI1R/hsR8CFu2m
-uWDFwGrBy0wPe64iNDZdrnxLKRy5Nxx5HuzcjvlgQVyLb8d80pViHCfoWKujCbN0FXMFpowf//jH
-uhqtoqJCp3O9/vrrct1116ltmj03BgUTB6sJo+Qdy9Ivm4AAGi5mDRwmJwiCBULmcj3g9iKljTgn
-DxzT9sxuann5MTcC4G2Y2pFUmc4tx2h4rjazNH4MpiEH4XgEECYeZOzQjz32mC5lZTrXli1bZMyY
-MXL77bfL008/rbMCMHEwG4BBQrOVRnOMCmbU38/zR8DMEAz6Ye5g5gaO9mBeerqXIySACYP5zjhm
-cpAPS79xhKVLp4H+Ly8EorJtpMvRNGuO0XOLQzpLa8e8bliCkZygMzQ6mjSj/AxE8TCzGOKrX/2q
-LozgQWflIItS+Nn0IdP0TBDJOnqe4VbunQUBXnq0A+7BBx/UaVqDBw+WBx54QAmXWTVMwzMiAG9+
-TLNjUJHe0A9+8AMdHNy6dau2H3nxUvVxA5BomIsSKpib4xnB8Sxg50e54Rg9t0Up6RQZy8eP9RFw
-gq6PR70rHmCm2UG8kAKzB1igwrznxYsX61QtVqq99tprSgJM+cIZUXMeFWiu3TUcAabRQcSYJF56
-6SUlYJZu0xa0CRgTzsvUfpDBqlWrdIk3g70QNvtyMMWuf//+Pge64c2QNQUrBHHMZqL3ydqB6A8/
-2xqBF64pLnbMmnkJB/osjhyNz9ueEX/m3qIN8OBjm+bHUu/Zs2fr0lU25GEBCxp1dEWVC2AOgPMI
-hoDRhJm7fOutt+qUx89+9rP6UsTccfPNN+s86XhWCxYs0KXekDZtwsZV1jOKx/Xr/BCIyrNpzfix
-fBvHghVepLSZxbVz4ttSb7uba9OGRPqjE3R6XOr5ImDW1WYvB5tix+IVfg899JBcdNFFMmHCBBky
-ZIgsW7ZM0yOgpHXXdAR4SdqcZrRnltaz0Q7bu0LW6TZLgjQgBXo7l112mRaCrjeanRND49oEeTbT
-BouHOOfFycswX1nnuWDQlj08WNiCI5980zeu5MWZqk3QKBYUZ9FbvtQIEBoY9ktWqqGZcc52omyU
-xMwPTCHsnkY8NIlFixbpijbspL5BT+PbDDwxdYAxxyeffFJ7NFwPCjNpGARky1dekqwYhIiZuw6R
-X3HFFTq4yHajaOJOzo1vB54BBmpZ3cn+G7wEMRk1BFPy4Fl44YUXdBCetoKs3R2PgO8HfTwmefsw
-WIgmAElgAsGx6tC2uESA2f+BeJhGnKDzhjZjRLCEHNC4eDmyidK1116rRMELk4ffN+zPCF+zBKAB
-Q8goKbjzzjtPtWgzbWS7CWnp1UDIvmF/NqRSYU7QuTHKGgOBgyzin7yi681OavbJK1ayoQW6azoC
-kLR/8qrpODYlByNpzBuYjBrjUGwg6nyIvTH5JyGNE3QztSICi8M+TTfaNk7yj8Y2E8BpsuHF6B+N
-TQNMC3kh8ygd/tHYEwe4E3QzY4t2h72ZbjgDID7ftpkBjmVnPRi8bXojXW8jD0we7k4sAmDNryGO
-dvG2yY2YE3RujBocwwTWhbDB0HkCR8ARiCDg0+wiYDTXqRNzcyHp+TgCpY2Aj1qVdvt77R0BR6CA
-EXCCLuDG8aI5Ao5AaSPgBF3a7e+1dwQcgQJGwAm6gBvHi+YIOAKljYATdGm3v9feEXAEChgBJ+gC
-bhwvmiPgCJQ2Ak7Qpd3+XntHwBEoYAScoAu4cbxojoAjUNoIOEGXdvt77R0BR6CAEXCCLuDG8aI5
-Ao5AaSPw/y/rbdCkSyETAAAAAElFTkSuQmCC" />
-</div>
-</div>
-<div class="paragraph"><p>Let&#8217;s examine the main portions of the code provided in the sample:</p></div>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">SecureNoteActivity</span> - Main activity UI for entering note text and selecting an algorithm.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">GetPasswordDialog</span> - Dialog to enter a password for saving/loading a note. When saving, requires verification of newly entered password.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">PasswordEncryptor</span> - Abstraction of logic for password-based encryption
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">RSAHardwareEncryptor</span> - Abstraction of logic for hardware-bound key encryption
-</p>
-</li>
-</ul></div>
-<div class="paragraph"><p>Our focus will be to fill in the encryption/decryption pieces of <span class="monospaced">PasswordEncryptor</span> and <span class="monospaced">RSAHardwareEncryptor</span>.</p></div>
-<div class="sect2">
-<h3 id="_symmetric_password_based_encryption">11.1. Symmetric Password-Based Encryption</h3>
-<div class="paragraph"><p>Let&#8217;s focus on password encryption first. Inside <span class="monospaced">PasswordEncryptor</span>, there are three methods we need to fill in:</p></div>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">generateSecretKey()</span> - Create a new key object from the password material.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
-</p>
-</li>
-</ul></div>
-<div class="paragraph"><p>The hooks for triggering this logic from the user interface are already in place:</p></div>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Implement <span class="monospaced">generateSecretKey()</span>:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Get an instance of a <span class="monospaced">SecretKeyFactory</span> using the "PBKDF2WithHmacSHA1" algorithm
-</p>
-</li>
-<li>
-<p>
-Create a new <span class="monospaced">PBEKeySpec</span> with the supplied password parameters
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Use an iterations count of at least 1000</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Generate a new <span class="monospaced">SecretKey</span> from the factory with <span class="monospaced">generateSecret()</span>
-</p>
-</li>
-<li>
-<p>
-Return a new <span class="monospaced">SecretKeySpec</span> containing the raw key bytes and algorithm:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Get a Cipher instance loaded with the "AES/CBC/PKCS5Padding" algorithm (already defined for your as <span class="monospaced">ENCRYPTION_ALGORITHM</span>)
-</p>
-</li>
-<li>
-<p>
-Use the provided <span class="monospaced">SecureRandom</span> to generate a random salt:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">SALT_LENGTH</span><span class="o">];</span>
-<span class="n">mSecureRandom</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Repeat the same process to create a new initialization vector (<span class="monospaced">iv</span>). The length of the array should be <span class="monospaced">cipher.getBlockSize()</span>.
-</p>
-</li>
-<li>
-<p>
-Initialize the cipher with your key and iv:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Call <span class="monospaced">doFinal()</span> on the cipher to return an encrypted version of the incoming <span class="monospaced">data</span> bytes.
-</p>
-</li>
-<li>
-<p>
-We need the <em>salt</em> and <em>iv</em> again to decrypt the data. Write all three items (Base64-encoded) to supplied <span class="monospaced">OutputStream</span>.
-</p>
-</li>
-<li>
-<p>
-Write the supplied <span class="monospaced">DELIMITER</span> character in between each element so they can easily be split apart later.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">We chose <em>&amp;</em> as the delimiter because it is a character not present in the Base64 encoding alphabet.</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-<span class="monospaced">flush()</span> and <span class="monospaced">close()</span> the <span class="monospaced">OutputStream</span>
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">decryptData()</span> to reverse the process:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Use the supplied <span class="monospaced">readFile()</span> method to stream the encrypted data into memory as a string.
-</p>
-</li>
-<li>
-<p>
-Split the string on <span class="monospaced">DELIMITER</span> to get back the original three fields (salt, iv, encrypted data).
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Don&#8217;t forget to Base64 decode each field after splitting them!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Init a new cipher for decryption using the same algorithm and key:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Return the result of <span class="monospaced">doFinal()</span> to get back the decrypted note.
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Build and deploy the application to your device/emulator.
-</p>
-</li>
-<li>
-<p>
-Select the <em>Password-Based</em> option and type in some note text.
-</p>
-</li>
-<li>
-<p>
-Click <em>Save</em>, and enter a new password. You should see a message saying the save was successful.
-</p>
-</li>
-<li>
-<p>
-Connect to your device&#8217;s shell and view the saved file:
-</p>
-<div class="listingblock">
-<div class="content monospaced">
-<pre>$ adb shell cat /data/data/com.example.android.securenote/files/secure.note
-OlpcR+xyPsaBXtZP2mkZdtxrMGnTnSmqM/r0RzVFJjk=&amp;o0hKRxL3MVw1D1wQFUIV+w==&amp;fOToQqDlEaBhgKlnCsgbgSUckemI/XBp9TPBY+SPTYWiHvICsmBT42miMCz0wui/pAMQ+OaehUAN3DayPKEoWw==</pre>
-</div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">This can only be done on an emulator or rooted device. Production devices have this directory protected!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Looks pretty encrypted! Click <em>Load</em>, and enter the same password. You should see the note text displayed below the entry field.
-</p>
-</li>
-</ol></div>
-</div>
-<div class="sect2">
-<h3 id="_using_a_hardware_bound_rsa_key">11.2. Using a Hardware-Bound RSA Key</h3>
-<div class="paragraph"><p>Now let&#8217;s try this using a private key that is tucked away in a non-exportable block of the hardware. The <span class="monospaced">RSAHardwareEncryptor</span> has four methods you will need to implement:</p></div>
-<div class="ulist"><ul>
-<li>
-<p>
-<span class="monospaced">retrievePublicKey()</span> - Get the public (encryption) key from storage.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">retrievePrivateKey()</span> - Get the private (decryption) key from the keystore.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
-</p>
-</li>
-<li>
-<p>
-<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
-</p>
-</li>
-</ul></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">Hardware-backed key storage is only available on Android 4.3+</td>
-</tr></table>
-</div>
-<div class="paragraph"><p>The hooks for triggering this logic from the user interface are already in place:</p></div>
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Read through and take a moment to understand the <span class="monospaced">generatePrivateKey()</span> method.
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-This method is responsible for creating the public/private key pair and persisting them both.
-</p>
-</li>
-<li>
-<p>
-The public key is stored to <span class="monospaced">SharedPreferences</span>.
-</p>
-</li>
-<li>
-<p>
-The private key is bound to the hardware keystore. It can be referenced later by its <em>alias</em> (<span class="monospaced">KEY_ALIAS</span> in this case).
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">retrievePublicKey()</span> to create the encryption key:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Retrieve the encoded key string from <span class="monospaced">SharedPreferences</span>.
-</p>
-</li>
-<li>
-<p>
-Decode the string with <span class="monospaced">Base64.decode()</span> into raw bytes.
-</p>
-</li>
-<li>
-<p>
-Use a <span class="monospaced">KeyFactory</span> to return a <span class="monospaced">PublicKey</span> objeect from the bytes:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="n">KeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">KEY_ALGORITHM</span><span class="o">)</span>
-                <span class="o">.</span><span class="na">generatePublic</span><span class="o">(</span><span class="k">new</span> <span class="n">X509EncodedKeySpec</span><span class="o">(</span><span class="n">publicKey</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">retrievePrivateKey()</span> to get the decryption key from hardware:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Get a <span class="monospaced">KeyStore</span> instance of the "AndroidKeyStore".
-</p>
-</li>
-<li>
-<p>
-Load the <span class="monospaced">KeyStore</span> with <span class="monospaced">null</span> as the <span class="monospaced">InputStream</span> parameter to initialize it.
-</p>
-</li>
-<li>
-<p>
-Get the <span class="monospaced">KeyStore.Entry</span> associated with our <span class="monospaced">KEY_ALIAS</span> from the <span class="monospaced">KeyStore</span>.
-</p>
-</li>
-<li>
-<p>
-Return the <span class="monospaced">PrivateKey</span> from the entry with <span class="monospaced">getPrivateKey()</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
-</pre></div></div></div>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Retrieve an instance of the <em>public</em> key.
-</p>
-</li>
-<li>
-<p>
-Initialize a new cipher in encrypt mode with the "RSA/ECB/PKCS1Padding" algorithm.
-</p>
-</li>
-<li>
-<p>
-Wrap the supplied <span class="monospaced">OutputStream</span> in a <span class="monospaced">Base64OutputStream</span> to encode all characters before file writing.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Add the <span class="monospaced">Base64.NO_WRAP</span> flag to the stream to avoid reading conflicts.</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Wrap the encoding stream from the previous step in a <span class="monospaced">CipherOutputStream</span> to apply our cipher to all bytes written.
-</p>
-</li>
-<li>
-<p>
-Write the incoming data to our wrapped <span class="monospaced">OutputStream</span>, <span class="monospaced">flush()</span> and <span class="monospaced">close()</span>.
-</p>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">decryptData()</span> to reverse the process:
-</p>
-<div class="olist loweralpha"><ol class="loweralpha">
-<li>
-<p>
-Retrieve an instance of the <em>private</em> key.
-</p>
-</li>
-<li>
-<p>
-Initialize a new cipher in decrypt mode with the key and the same RSA algorithm.
-</p>
-</li>
-<li>
-<p>
-Wrap the provided <span class="monospaced">InputStream</span> in a <span class="monospaced">Base64InputStream</span> to decode the file bytes.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">Don&#8217;t forget the <span class="monospaced">Base64.NO_WRAP</span> flag again!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Wrap the decoder stream in a <span class="monospaced">CipherInputStream</span> to apply decryption to the incoming data.
-</p>
-</li>
-<li>
-<p>
-Use the supplied <span class="monospaced">readFile()</span> helper to read data from the incoming stream
-</p>
-</li>
-<li>
-<p>
-Return the decoded data as a <span class="monospaced">byte[]</span>.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">You can use <span class="monospaced">getBytes()</span> to return the bytes of a <span class="monospaced">String</span>.</td>
-</tr></table>
-</div>
-</li>
-</ol></div>
-</li>
-<li>
-<p>
-Run the application again. Type a new secret message to save.
-</p>
-</li>
-<li>
-<p>
-Select the <em>Key-Based</em> option, and click <em>Save</em>.
-</p>
-</li>
-<li>
-<p>
-If the save was successful, you can click <em>Load</em> and see your typed message in the lower box.
-</p>
-</li>
-</ol></div>
-</div>
-</div>
-</div>
-<div class="sect1">
-<h2 id="_review_questions_2">12. Review Questions</h2>
-<div class="sectionbody">
-<div class="olist arabic"><ol class="arabic">
-<li>
-<p>
-Name three of the primary APIs for persisting data in Android.
-</p>
-</li>
-<li>
-<p>
-Why is it a bad idea hard-code secret keys in your application code?
-</p>
-</li>
-<li>
-<p>
-What is the preferred method of generating a unique ID for your application user?
-</p>
-</li>
-<li>
-<p>
-what is the one type of persisted data that cannot be (directly) encrypted?
-</p>
-</li>
-<li>
-<p>
-What is the name of the package that provides encryption for SQLite?
-</p>
-</li>
-<li>
-<p>
-What is the primary advantage of the accounts framework?
-</p>
-</li>
-<li>
-<p>
-Is password-based encryption symmetric or asymmetric? What does that mean?
-</p>
-</li>
-<li>
-<p>
-What is the difference between the system KeyChain and the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-When is it safe to persist an encryption key in the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-How do we check if the device supports this?
-</p>
-</li>
-</ol></div>
-<div class="paragraph"><p></p></div>
-</div>
-</div>
-</div>
-<div id="footnotes"><hr></div>
-<div id="footer">
-<div id="footer-text">
-<style type="text/css">
-td.icon {
-  height: 50px;
-  width: 60px !important;
-}
-.icon.tip {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKZUlEQVRoge2aa3BU5RmAn3Pbs7fsJmwCRGITk0hVLFAtNWoq6pAiU0cKaYfa6ShT+YN4YbQw9F/8QX+UMv6gM3Q6oxMV6TgIbe10Gq2gcSzDpRaFgmIk4SKB3LP3Pff+SM66m+xuFvEyzvSbeefsbva8+z7nvXzf934RHMfhmzzEr9uAqx3/B/i6xzceQP6iFDmT1cBxHNzCkFsgBEHIXnNeC1f7u1cN4DiOY9s2rliWhWVZWRDHcbJGC4KAJElIkoQoioii6IiieFUgnxvAtm3HNdg0Tbq6uuju7ubYsWP09vYyMjKCpmmoqkokEqGhoYGFCxfS2tpKW1sbiqJkRZIkZxLoikGEK50H3CdumiZ9fX3s3LmT3bt3U1V3A0033cKc2nkEQxV4PSqSJOI4Dpquk0gkGLx8kZ4T7zF87iSrV69m3bp1NDY2oqoqHo8HWZa5Uo9cEYBt245lWRiGQUdHB9u2beOe1Y8w/6bFVAT9xJJpYvEUiVSGjG5gmBY4DqIoonoUfF4PoYAfRRE5/8kp3njlD6xfv54tW7YQCATw+XyuR8r2RtkAtm07pmly5MgRHn/8cZSaZpbcfjd+n5f+wVEGRqJkdCMv3vME8t77vB6qQn4+OX6YsXPH2bp1Ky0tLQQCAVRVdb0xI0RZZdQ1ft++fSxbtozrlqzgrnvvI5nRee9UL+f6h9B0A1EQEIsBiOKETL7XdJOBkTg1jYtouu1+1qxZw549e4hGo6TTaUzTxLbtGZ/ujEmca/wvHnqYnz/2DLNn19B74TIDI9HPjCvwlLMls4RHdMNC8IRZ8dBmnnp6E7Zts2rVKgB8Ph+yLDulPFEyhBzHcUzT5PDhwyxbtow1j3YQqanmozOfEk2kChuLQ3x0lGQihmM7qF4vVdWz8fr9hYFyoK30OG/ufpYXXniB1tZWwuEwXq8XWZaLJnZJAMuyHE3TuPPOO2lcsoLGpmZO9ZzPM37q0x0ZuISla2xY2077j5ZSFargZM9Znt97gE8uDBb3ziRIfPAcF4/v59VXX6W6uppQKISqqkiSVBCgaA64odPR0YFS00xjUzNnLlwmmkznxbKYI45jk04mefaZJ3j04VXMqZ6Fx6Pw3QXXs/3Xv6Tp2rnTALL3T8wDBCLz8M2Zz/bt24nFYjPmQ0EAt9b39fWxbds2ltxxD0NjMQbdmC+QlIIgIIkSoWCAH971/Wk6PYrCg/f/oHiVmhSP6qWm/gY6Ozvp6ekhmUyi6zq2bWeXK+UAYFkWO3fu5N72dQT8Pi5cGp6xuoiiiBoMktH0gl5trp87DbqQBEMRbl32U3bt2kUikUDTtOzypGwAwzDYvXs3316wiEuDoxiGWVaZrAjP4qW/vFUQ4NAHPdlwKQWiqF4qa+ro6uoikUiQTqcxDKM8ADd8Xn/9dWZdewMVwSCDo7GicT8NSBTZt/8oT259jgOHThBNpIgmUjy3dz/P7z2Qr2My7gs9FNUXoPpbN9Ld3Z0FKBRG0+YBN3y6u7tpWnAr8WR6+gxLfr03TYNMMolhGFimiWVbXDzbx4G3/4XgOIiyTF3DdW45nHG2RhBQfX6q65o5evQoy5cvn9BtWUiSRG5FLQhg2zbHjh3j+tsfKFrv3R8EGL7UT23NLNraWmi+ro5r5kSYHakiVOHH7/OiyDKxZIonf9NJIpWZMQcEwOPx4vNXcPr0B2QymdxEzrO34ExsWRa9vb3csjzEaP9w1sUFZ1RBQJJk/vjbTdTXzS2kDoBQwI9HmcEDOSJ7PAiiSH9/P7quY5omlmVN01soB3Ach5GREbyqiqabM8a+NxAglcmvPOf7h9jR+WdOfNQLwNtHTzIeT+XFfdGCIAiIogSOQzQaxTRNdy4ozwO2baNpGpIkY1j2RAJTeJ0jCAKRmtmcPHORmkglxz48y/5DJ3jrnUPMb7iGxx7+MZZls/efR0rG/VQPgwMC2eQtZHxRAABVVbM3lEpgV178azcvvfYOgiCgZTJomsbGR9oRBIHzl4YYGo2VlcCuWOaE5xVFwbbtqVHiCJOZXBQgEomg6zqSKOIUMrqER+LRKItvaubW78wH4NLQWNmx7+q1DB1ZkgmFQohifqS7xhcFEEWRhoYGEokEqkeeWPLmurcEiGPbpJJJfvbAPVl95/qHJyYvmH5/EdG1FA5QW1ubzZvc8pm1deoHroKFCxcycPkiPlWdnmC5iTxlVk2n0wT9Xu69Y3FW51g8OfH3ye+WnAgnRcukyKQSNDU1Icty7n65NACAJEm0trbSc/zfVAT9JZ/U1NWklslwx/duxqMoWX0Zzcy/bwr0VCDT0NDTSS6f/ZBFixZlN/ySJJXnAVEUaWtrY6DvOIoiFlx5FhPLsrjl5uvzdPq8nsLfL6I3FR1FlhUG+v5LS0tLtmtRlgcEYaL5pCgKq1ev5lzPKfxeT8FwKSQA115Tk6eztjpcsubn6rUMnfj4MLHxIZYuXYrX683rVpQDIIiiiKIorFu3jn+8vIPKCt+0cCkG4m4Bc0fd3OqCoVIIJDo2iCQrvPu3F1m5cmVeu6VQz6hgDrj1t7GxkfXr1/Px+wdRPcr02C+wmgxVVnLm3KU8ffNmVxX03lSgRHSEVGycoYt9tLe3U19fTzAYzAKUVYVyw0hVVbZs2cJw7/uYyZGSIeCCeFWVd499jGGaWX1zq8OfrYOKeC+TijM+cBHHsRju/Q9r164lFAoRDAbdPfEVAQiiKOLxeAgEAmzdupW/v/A7RLPEyjTHuGjKYMfLb3B5eBzdMNl/+CSmZReN+0wqztDFs4iSxIE9O9mwYQPhcJhwOEwgEMhN4GkEZXUlYrEYe/bs4elfbWLFQ5tQKyJlVaRy+kSJ6AhjA58iihJdf9rBUxufYPny5cyZM6esrkTJxpabzIFAgFWrVmHbNps3b+bun6wnVF2H4lHLmlULgZiGTmxkgGR8DNu2efOV3/PUxo20tbURiUSorKwkEAhkk7fYmLE36rZX0uk00WiUgwcP0tHRQcW8G5ndsIBgaBYe1TvtyRYDMXWNZGyU+Ngwkiwz+GkfQ73vsWHDBhYvXkwkEmHWrFmEw2G3M1eyR1pWczcXIh6PMz4+zvbt2+ns7OS2+x6kanYdqjeA1xdAUb3IioIoSjg42JaJaejomTRaOoGeTiHJEvGxYd55rZP29nbWrl1LOBymqqqKyspKKioqyjK+bIBcCE3TSCaTxGIxenp62LVrF11dXdTUL2BO/Xx8/goEUcSxbYSJ2EGS5IlzgnSC/r4PuXzmOEuXLmXlypXU19cTCoUIh8OEQqEr7k5/7vOBdDpNMpkkkUiQSCTo7u7m6NGjnD59mv7+fqLRKIZhoCgKoVCI2tpampqaWLRoES0tLfh8Pvx+P8FgkGAw+OWfD7gj94RG13U0TSOdTpNOp8lMbmQ0TcvbArrrK1mW8Xg8eL3e7BLB5/N9dSc0uSP3jMwwjKy4G3AXwB0ugAsx5YzMndW//DOy3OFMjGwrxrKs7NX9LBfAneFFUcxec6rU5zqpvCqAqTCT16/0nPgLA/i6xjf+Xw3+B2ll/uiqTaJTAAAAAElFTkSuQmCC") no-repeat center center;
-}
-.icon.note {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAJhUlEQVRoge2ZWWycVxXHf+fce7/vm/GaGCde4pI0aQlJC0kRtE1L00JbLIjY4QkeUB9YHhAIJFCExAsKUkE8IAFFPIDUIqhBRSDRBUqCCimFFBCBpCWx02IaZ3G2SdyxPZ7vHh6+mcnSZnFjKIge6Wj8zYzvPf9z/me5d8TM+F8WfbkNuFx5BcDLLf/fAEZGRmx4eNh6enqsp6fHhoeHbWRk5D9aFeSlVqHNmzfb6H33sHnT7ZQmD5GfOMax6Sm+Pl5h1Yc+xpYtW2SBbX1ReUkRGBkZsdH77mHLW95EOv4Ms3ueJh6YYPHUFF9aljJ63z3cf//9/5FIvKQIDA8P293L2yhVjjH7t51ocDiviFecF46n7XzBreChhx4qNhH5t0XjJUVgx44ddGUZ9b/vIpQDoRQIWSDJAiFL6B9axo4dO4gxAmANWVDLG+Ln82URMRGhVCqRHxonlAPqFXWKC4r6IhI6OMjMzBN4/4LlTUQQEZxzZ32QJAlpmrb+p16vU6vVOHXq1AWjN18AnDj0F971vrs4OnmYJVkoDA4FCPUO172ICgnt7SV++4vvsGhRJx3tJbIsRVVpsUnOBBABBVFEClKYwbKr7sTM7EIUnBcA7z21k7t49x1X8JXvbOWra7rw5QRtcN8PLCfvvZJvb9vJycpJpg4/hp/N0I4SMQs4Jw0A5zBXHGiCaIZIKABgpGlKjPEF0TpT5pUDRXiVt99+Le03r+WzuytM1gO6pB/3+o0cbxvk8yOPMjW6i2iR2lxOjJDHSDMFogmGwzQ7rRJAUpAENAGXIZq2AFzQpvkACCEQcahP+cRH3sKHn9zHXU+MM7rtGeD33NDXzaZynZU9gcezpUw9X6OzIyOakkfF4QEpPG6nDRNNEA2FSgKimETSNCXPc0II57VpXhEolUqoOrxPSLOMT330Dv5SqfKDNR388Y2L+caQsjITNv3pMBs3rOT56ZyZGaM+J0QUxDc0INrWUgggoRGBAOIRAt77hY1AmqaoeJxPcN645jVDbNn8Hj73o8fZ/af9mEE9j9y2YRXt5YzZWmRmzjj1/BwhTXAKzitOHEbeWlc0AVwDnCv8KoZzjotV33lTSL1HNKAuEtKM1169jM98/E6mTk3x4Nbd7Bk7TEdHRvAeVY+hmDqmZwx1kIkiqrhzS2zL+AbNMC6l/80LgHMOEY9oQvBCks5RKpXo7JhFxbhz42pet2aQet1YtLiDJAkIDq8BHwJmwlwOUaD0ojsrNKuUReIZyb9gABCHcwWFgg+0lTPyvIRToVzKWLpkMfV6REQplYvmZCj1uuBUSdJwTg8AXBdoCZMOsBkQBeGi/J83gBgjmABC8AlJGsjzFLMyaXDM1etEA0VR50iCx6mSZhkiijpPjEpQD+SF4WdJrTAewdCFB1CtVlFVVATnhMQnWJqC5aTBk+c5IIgWRoTgSZJAmiZAo1s7hwsppglI+fTiljeYnyHkLQotKIAYI4igzpFHISQOiwEnKTEG8hhRVZw6YjRQLfJGHcF7jleqTBw8znXr12MABnv37efYiSnesG4tiUsRUQwD7JIAzKsPqCqiRbVwweM04XdPjhJN+dvTBxgbn6G9q59yZx9/3HWEb33vN+zc/RzOJ+w/eJLtO8Z5ZNtT7PvHIUQTvvv9X/Lc/mN0d3by3fseRLQwvWh0Fy+h8wbQ2VFG1KM+xfuAqufo8So/fejPPD/rqJys8pvf7eLAoeNMHqnw2U9+kH3jVQ5MClMzKUla5obr13HliiEMmDx6gltvuY7Vr1nBQF8PJopQ9AFTt/AROFfMjCW9XTy19xB33Hodb924jr1j+/nDk3/nzTdei4jw3nfeyCOPbufa1y5jzeoVrcHM8HR3dfHlr/2Q+x94jFtuuh44/9B2PplXDryYLF3STXd3e+t5UXcHY89OsOH6NS2Qed7wpM1Rm50G4MGHH2P961Zy3bqreXrPP5mrzwLt5y6/cACq1eoLCKm+TN/SAebmfn8aUG83PYs7+cnPH+eqKwd5as8/edc7bi02847pmVkATk1VWbF8AOcca1Yv59DkqcYK0tCL02deACqVCldc0YdIwLmEPM9RV6NnUZlPf3wT6oqJcePN6wHhzTeu4/CRCrfctJ4sSxBRli7pYfHEMUSU97/7Th751RP8eec+Yp5zzTVXM9DfDyogBvHS6HTJACYmJnjVoq5GFw0454gCEOnoaMfiNGZFFRFxJGkbywZ6i1NWoy9kWYmbb1gHKCHApuGbisVFGyoYUswa5OR5ftF56JIBjI6OMtDfWwAQ35jnc8AVpRXBohVqUowECKqK4RBxoE0W6gvGCcEjaOEAwEQWdpgbGxujt7erOLO2mk3R8i0Wz9EiuUGz+qlKEQEUaJbI4lTHmTVePKgWzpDGJGpc8CDTlEsuo88++wxXDA0UIUbAOP23KGZKjI48KnkuhcbiPbPCOBoeBikOLk2VxjqNRilaAEqSZGEAbN261bZt+zW33XY7IAXXm6Ou0YhIMamaaUOl5WRrzg00viuKWWxpQUOHNAZFQRpD48Xlkig0MTHBB95zG+VSylz1KCbWyDOh2XyK+56IqjWMKigkUnzWnPPFFFRRLZ29SQRUELOGY4pZ6LKOlM07mZ07d/KOtw1TcB4sGkTDiDQ9K1IkrKeYmQC08d7pZLSiRBpE5s7aS0XAHFEKAGY51Wr18g80Zmb33nsvX/z8XdSmj2AWOXhwkrxe46+79jB55Dh/3T2GxUhHextdXW2sXN7PNWtWIQKDA71FFBoAjIgQkVg/a5+oHrU5zIznDhxk964xKpXKggAoTlWW8+OfPorlOQ//cjsDy1bS2dFOW+diVly1iL6+Pqanpzl5qsL4pPHwN3/G1InDlMsZ7Z1tDA30cfWqIa5dexV9fb2YnT7UTxw4xsHJo4yOjfOP8QOMjx/k4OQx7r777lY0zycXvJ02M4sxMjg4SL1eR0TYsGEDw8PD9PX10d7ejogUN3a1GqpKCIE8z5mdnUVVqVarbN++nba2Nvbu3csDDzyAqrJ8+atb+zjn6e/vZ/Xq1axatYq1a9fS29tLlmUMDQ1RKpXOm9EXvV6v1+tWr9eZnp5mZmaGWq1GjLHF62aiNZ+bnPfe45xrvTZzxMyYmZk56+LXzKjX661DvHOOJElIkoRSqYT3/vLvRlW15eHCa4VxzdvmpjZDfubzuXeb3vuzqCEixBhbo0NTkyS5PAr9L8j/96+U/w3yCoCXW14B8HLLvwDd67nwZIEPdgAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.warning {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAMVUlEQVRogdWZeXDVVZbHP7/f27JBwtJIiCERRFlbx5FuHRrRBgtBsRIwCCOrFmGmiDBjYVNlQlgiQjU6IjI4xLJxGf5QGp0Cbaftsu3Rhu6aYXqgLZoWEsjyyDP7S972e7/l3vnj5cW3Ji9M/zOn6lRS997fvd/vueece+59ipSS/89iv5mPZEQQQsS23RQARVEAUFUVRVFQog0ZyogJSClld3c327Ztw7IsLMuKto90KgBsNhtVVVXMnj2bvLw87Ha7HBEJKWXGKoSQXV1dcsuWLfLSpUsyKkKIIdWyrLTqdrvlU089Jc+cOSM9Ho8Mh8NSCCEzxTRi8JWVlbKtre0vAt6yLGmapmxtbZXr1q2TZ86ckW1tbSMikTH4GzduyKqqqkHwsSA1TZOhUChOg8HgoBqGIQ3DSAk+VleuXDliEspwviullD09PbzwwgscO3Yszt91XScQCNDZ2YlhGIPfuFwu7Pb48FJVlZycnEG/z8/PRwiBqqqDYzweD88//zyrV69m7ty5jBs3DofDMWRgD0lASik9Hg979uzh2LFjcYEaCoVob2/n2q9+hbZ585BGSCWltbVMr61NtSYbN25k7dq1zJkzZ1gSaqrGWPD79+9PAh8MBuns7OTie+8R2rwZCYOaqTTt3cuf6+qSwAMcP36co0eP8vXXX9Pd3Y1hGMg0lk65A1HwdXV1vPHGG0mW7+jo4A8/+xn2BAAAI0riQOnu3cyork7Zt3btWtavX89dd92VdieSCEgppdvt5sCBAxw5ciSuLxQK0dTURMOHHyJ37hwh1NSiAKU7djDzxRdT9q9YsYJt27YxY8aMlCTiCEgp5eXLl6mvr+fVV1+NmygYDNLW1sY3J09ipLEYQDPw2sBfCTwMLARKgKwhiNxWU8OsXbvi2qLYnnzySSorK1PvRGyqvH79uty6dWtSLg8EAvLKlSvyo1275M8hSV8H+eMBvRPkP9Vslp0tV6W3u12+c7hOTgT5NyAXgtwE8gTIUyn0D9XV0jAMqet6klZUVMjPP/88KcWqUcs3NjZy+PBhDh06FGeFqNtcOnECY8+euICVwDWgFtj/m1/wD+8f5xtg6uy5ZI+5BSkkU6fexgu7tvLWhd/x1tXL5P/905wAggnzSODavn388Sc/SblDL7/8Mq+99hqXL1+OC2zb7t27uX79+u7Dhw+ndJvW1lYaP/qI0EDKS1z0XeDjC7/l9llz+d6EWxjv0imdcgeFRcVofR46vm1Cx8ndP5hP3qjR/GDuX/GbC5/iberl1qirxGjv73+PYRjc8tBDcVhGjRpFRUUF27dvp7i4mPz8fFwuV2QHVq1aldLyDQ0NXDt5En91NRIQCRqNHld2HsLUCfu6GD9mNIoVQggDy9RQpYLTbkdV7Vh6CH9vJ/fcfz/vALsAN2AlzHv1wAEu1tTExUI0Hl555RXq6upobm4mEAhECEyePDkOvK7rtLS0cOP0aby1tUnAo2oNkFAUSTjoRfN+ix7wgjRBShACVVFQRGSkHvTypwtnmXHPQhrbb3D0k1McAdpiDBLVhp/+lIvV1UlV7oQJE8jNzcXtduPz+ZIPMtM0aWhooPH99+mtrU1ymVRqUxUQFlJYSBFGCivGOSyEaSCFAGlhd+Vy7w/n43BmM3POXWx69hl8AyMTDXTl4EEu7t2bCBGAQCCAruupCdjtdrp3705r+ViN22YhsUwdyzRBCpACyzIRMnpngCxXNjYlMk4L+ggoYXxp5pbAlX37cDgcSQSEEAxmoVgQg/9nAP67bVdAUcFmQ3W6IgtIiWUKLCGwLGvQj69e+m+EsBB6iGB/N/3e9oyNlIgRYm5kiR2JH0L6MkFYEi0UQKAycdJUbIodT3Mjpu6n3xfCptoRlomQCqZpRkhLCykMhLBQSV1HJbalKnvSF3MpNO0OSIEwDWyuPCaVzCRv7ER8Ph+mtJM35lZsdjvuxktYhobDkYOCgqJEDWLLaAfSVc1p78SJO2AAvUBggLUNKIx2Kgqjv3crY2wOiqaqKKoKihKJCctCC/npbW+jq7sbS7UjkGCZCCkQQkdJsV6mRWHGBH4HLHpxF3LcGDq6u7nw2S85++V/4gb0kB9hFoAZwuZwgc2BqjpQVRWbzYXd4cDlysHn7WJi0W2EfH24XA6EjKySqhTPtDRPIjB4XUtoPw3sKV/O+KJipJT4V63mq3/7Obu21/LN/5xl9l/PIys7G2fOaBS7E5vNQrU7UW0KNlUFp5P8MeO5/8HFhPo7CXr7MMIaQW8neSkMlqnEEYj1s8QJbwXaWpopmDgJh93OqHGFLFy9jjunTeHNo2uAvUy54/uMuaUYV24BUpVYpoVEwaY4UVUbitNJ9ugxOBw2tEAPfX29QCjuVB9OEmNBTdeRGEj3A56OdkwtgDDCCKFjz8ql6N55/G3VcRouX+SXH72Ht6udcCg4cJiJSPIn8oCloIKUKAhURUUIiVCjx128pjtrEiVtFkrMNNOBA+s34XG3YIRDSMtAkSbOrDzuvOchHnmiklEFY3n76G7Of/nv9Ht7EMJCSjGoljCxjOBAnaSjhYPowevDZrx04FMSGLwnJEzmAOYCn33wAUYoiGXoSMsEoeNwZTO2aDrzFpWxck0VJVOn4fd2E/T7oneNyOFlGkjLwNTD6FoILRQEa/hDcyhJIuB0OlFVNeVE04B3XjnC+d9+hRYKYJlhpDBBGDidDiaUfp/xk24nJ3c0eaPzsKsgzEhtZJkGIuzDNDRCAR99fb309XYhNAYPsnQ6IgJSSgoKCihavDilJZ4Aajf8HVf/fAnLCCNNAyktECaqIsgbV8So0WMHrn2RGLBMHREOYBg6eiiIFgzQ7/US8vmYoEDuENa/u6oqcwJRPysoKOC+N9+kcNGiJGvkAQuADY+twn3tCuFg/4CVDbB0VKHhzHbhdGVhs6kgDKTuR9f86KEAWtBHd0c73p52pB5Av5KewJxnnmHeoUOEw+EkjHEEYi8MEHlFKyws5IfHjlG4cGHSxJOA1cATPy7nT388j+73YoYDCEuP1DhSRrKOlFhmmLAWQNMCBHw9tHtu8K2nBcsI8uGxf8HoiRBINNTtjz7KQ/X1xL6iRDHGvubZAfr7+1Nuz+TJk6G+nv/atInmX/86rq8AWAlUrahk/Fio/8XHjM4fi93pHCgRFCzLQtd1tFAQLeCjs9NNb4cHxdL44J8PozfD7XyXRqNy97p1PPz220gp0XU9zriKogw+SaqqGtmB48ePU15enkRASklRURH31tcz6cEHk1JrAfAUcEcPLLjvMU69/694uzsI+X3093TS5blBl8eNt72VHk8Tfd9eR+vv4MQ/HkZpiJwttgTL3/Hoo2nBNzY2smjRIhYsWEBBQQEulyvyLuT3+2VTUxM7d+7k5MmTKXNuS0sL555+mtYvv0zqE0A7kavhqFL4oAlCCWOygGIiqTiHyMnuTBgz/bHHKDt9GillnN8D+P1+ysrKWLJkCdOmTWPWrFmUlpZGCAghpN/vp7m5mZqaGl5//XUKCwtJFLfbzX+sX8+Nr75K6rtZiXr49KVLKf/4Y4QQ6LqeBP6RRx6hvLycadOmMXPmTEpKSsjNzf3uZS6WRHV1NadOnUpaTEpJa2sr5zZupOkmSaQqk2csWcLyTz4BQNO0uL7GxkbWr1+fErzNZlMGw1lVVSUvL4+SkhL27dvH8uXL8Xg8ceABiouLue+ttyieN2+IK2Z6TRx/5+LFacE3NDRQWVmZFjwknAOxJF566SW2bNnChQsXkmKipKSEB959l9vmzcvo1pZOpz/8ME98+mla8Bs2bGDZsmVpwUOa5/VEd0oXE319fXxWXs43Z88m9Q0n03/0I1YPJIRE8OfOnWPHjh2UlZUNCT4tgUQSO3fupKqqigceeGCwP/a7VM8emUg0VcbK+fPn2bp1KytWrBgW/JAEEknU1NTw7LPPMn/+/GFBZQI8lZw/f57nnnuO5cuXM2XKlGHBD0sgkURdXR2PP/44FRUVNwV+qP7Tp09z8ODBjNxmRAQSSRw4cIBly5axdOnSvwh4RVH44osv2L9/P2VlZRlbfkQEEkls376djo4OQqHE83bk4nK5EEKwZs0aSktLRwR+RATgOxItLS1cu3aNvr6+wTfK/4tEfzeeMmUKkydPzhg8jJAAREgEg0H6+vrQNC2pFL8ZUVWVrKws8vPzycnJQVXVjH/s/F/lgJiyQFHragAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.important {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAALa0lEQVRogdWZa2wc1RXHfzM7O/teP9e1vXHSmEdjx3YeDkkaF6REKRRCEDSEFNkRjdSWSsgC2iqoRWqLQKiqIBg1NOQDiMeHtkQIQkRRS9S4aWwgCQoUgl232KkT28J21l6vd3d2dx79sDuTXdtre03Uqlc62tl53Pv/n3PuOffcKxiGwf9zE//XAL5sk65WR0a6AaDrOjMtKwgCoigiCAKCIAhXa9wvTcAEHhoc5KMjR7jw3nucf+MN67k/GCS4YQOr77yTpl27kGUZm81mXC0ywlLnQDbwEwcO0P2b3yz4jV5RwZq2Nm5/5BH8fj+SJGGz2b4UiSURMAzD0DSNEwcO8MdHHln8d0AcsAUCfOe551h7yy04HA7sdvuSrVEwAV3XjdDgIC/v2cOl06dznqWAJCAAMvn9MwlEgF1PP8037rsPt9uN3W5fkjUKIqDrujF+4QLP3XQTU0NDOc8UIAa4y8sJtrQQqK/H7XQSfv99Pn/nHQRRxNB16/0EEAUatm9n76uv4vP5cDgcBZNYNIF84I0MEK20lIZvf5sNe/dSWlqK1+vFxBEZHubT3/+evqNHmR4dJRWP55BevW0bra+8gt/vx+l0IknSokksikA+8ElgClixYwc3799PZWUlTqczbz+x0VFOPvEEQ6dPE/niCwxdt0jUbd1K68svU1xcXBCJBQnMBz5eWkrL/v2s++Y3KSsrQxQXlxc7f/5zBjo7CQ8NoadSKKQn943t7dyyf79FYjHuNC8BwzAMVVV56Z57+OzNN3PAJ8vK+FZHB2s2b55X6/nahRMnOP7TnxLOKEXJyO2/+hVf37uXoqIinE6nmfzyksirMjNUvvGjH+WAVwG1vJxbDhxg1bp1uFwuMwQWJCu3bWPN3r24SkoAcGbA/OXXv2bws8+IRqOkUqlZGX1RBAzDMHRd51+nTvHewYNX7gPTQMO+faxav56SkpIlgTdlU3s7TXv2IGUs6AGioRDH2tuZmJggFouhqirGPCzyEUBVVX7X1pZzPwI0fP/7bNmzh7KysrzADh8+zP3338++ffs4ePBg3vdEUWTDD3/IsuZmRLsdW4bEpd5eOp99lnA4jKIoaJqWl8QsAqb2Txw4kDNp40BxXR0bWlspLy/PC+qZZ55hdHQUSZIYHByko6ODxx57bBZwcy3kq6xk6y9/ib+qCgQBmbQ7nT50iIs9PUSjUZLJJIZhzEliLgKMDQzwp5/9zLqnkQ51W3/xCwKBAE6nMy+B3t5exsfH6ezspLe3l3g8zuHDh2cBz5bKpibWtrXhLi0FwA3owNsPP8zExATxeBxVVecyQC4Bc+L+taNjluvU33031dddN6/2BUGgpKSE/v5+JicncweaA3i2tDz8MIHrr0eU0gsQBzDW10ffyZNEIhESicScrpRDQNd1xgYG+OC3v7XuJQBXIMDWn/yEioqKeUGMjY0hCAKKoszS1MjIyLzfAmx/4gmKli0DQcBJOmicfOopJicnicfjJoG5LWBq/+Szz+a8oABNe/bgdrvndR1BEKiqqiIejxOLxWYRCAaDC0alqjVrqGxowFNWhkDalUKff07f3/5mWSFTLFksLAK6rjN+4UKO9lXAUV7O2tbWeaNOthZlWZ4FHlh0aN3y4IPIHk+6L8AGvNfRQTgctuZCthVEU/u6rnPutddyBk0A9bt3W4us+QY2fbyurg6v15vTzw033LBoAsHmZoLNzdgcDgBcQKi/n391dTE9PU0ymcyxgkmAVCrF+4cO5WjfFgiwfoGwOTOylJWVUVtba1mkUAKCILClvR1veTkA9owVPnzllZy8YFnA1H5/dzfTw8PWgziwcutWfD4fsiwvCNyUxsZG3G43lZWVVl933XVXQQSq161j+ebNlhXcwBdnzxIOh60lhmkFEUDTNP7++uvWgBrp6mrNHBk3H/BsAtFoFEdm8GAwyMaNGwsiIAgCjbt346uosKwgAp8cPWolNj1THInmsqHn6FGLQApY1thIxcqV+Hy+WX6+0ETesWMHLpcLWZZ54IEHCgYvCAKrbrsNyem0JrQEXMzkhKzlBaKu61z+97+ZHhnJmbwrtm2zJu5CWp8pra2tNDU1sXPnTtrb25dEQBAEvrplC57MXJCB8XPniEQixONxa6Uq6brOQHd3jvvoQP2ttxZUpMxsL7zwwpK+AyxLXrt9Oxe6uxFEEXvGZc4fO0bVD35AMplM1wuapjGYtbugAp5AgKLqaquu/W/JTEs37dqFqihWzSADk8PD1jzQNC3tQtmrThUINDbm+H4h0tfXx6OPPsodd9xBW1sbPT09BQPPluu2b7fWRxIQ6usjFotZBCRN06wZbbZAfT1FRUWWKQtpzz//PMPDw/T09DA1NcXo6CjHjx+f11Xma95AwHJjEdB0HUVRrhCYuRGrAiXBoFUqFtq6u7sZHx9nJBMUurq65uxnsX0Hm5v56A9/ANIJLXrpEolEwgqlUqZQyPlo6OOPlzx5ly1bxnBWQmxpackBW6hSBEC02axrpqasNZGmaek8kN0kYPDjj1FVdUlz4Mknn6Surs4Cb5aUhYZiUy59+GGOgm3V1WiadiUPCILAV9autV5wAaM9PXQeOWJprBBpaGjgxIkTpFIpOjs7aWxsXBJwUwZOnUKZmgLS2zl4vUjSlV1XURRFqtavv3IDKAVe/O53efPxx69aSCxUBs+c4dV77+Vyfz+xy5eBdG3iX7ECm81m9S2JokiwuZmiujrCPT1AuqgOAqcef5zzL77Imt27uemhhyipqVnYZ5cw8bPbR0eOcOall7g8MEB4aIhEJAJk9qOAwKZNyLJsHpQgRKNRIxQK0XPmDH/+3vdQQ6G8na/YtIk199zDypYWVmzceFWAT1y8yMWzZzn/9tv0vfsudqeTlKIQHRvL2QSOAqU7d/K1W2/l2muvpba2Nl3iJhIJIxKJMDw8TO/Zs3zw4x+jTUzkHVCw2fCUleHw+QiuXYu/upqqhgb8VVUYhkFNczPFweCs7z556y3r+vyxYwiiyD+PHwdBwNB1krEYhqYRC4UwdB2D9LJmmnRtXHz77VTfeCPLly+ntraWmpqa9MaaqqqGoiiEQiGGhoYYHBzk00OHiHR2LkqDNlnG7nJhd7nQswqN+ZogiuipFMlYDDWRgBl5KEF6woqAUFFByc03U756NZWVlSxfvpyamhoCgQAejwdB13VDVVVisRihUIiRkRGGh4cZ+sc/GO3qIt7VhZGJAle7mVpWuVKDCBng8jXX4N68Gc8111BUVER5eTnV1dVUV1cTCASuFFqGYaDrupFKpYjH40xMTDA+Ps7Y2Bjj4+OEw2EmenqYPneO1OAgZCWpxTY9S9QMcLhyHGUDRI8HqbISZ309zoYGnE4nHo8Hv99PaWkpgUCAiooK6/DE4XCkI1HW2a6hqiqKojA9Pc3k5KQl4XCY6elpotFoetukv59UKIR66RLToRBJTcMYHUWIRvMSMPO6rbY2/SsIOFatQpYk5NWrkSQJWZZxOBy43W68Xi9+v5+ioiJKSkooLi7G5/PhdruRZdnads85HzD3hpLJJIqiEIvFiEajRCIRIpEI0WiUWCxGPB631iOKopBKpazUbi4Oc7Y+snKCzWbDZrMhSRKSJGG3262w6HK5cLlceDwevF4vPp8Pr9eL2+3G5XLhcDjMkxuETNibdcBhnv9qmkYqlSKZTJJIJFAUhXg8jqIoKIpCIpGwSCSTSVRVtWSuk3qTiAnebrfngHc4HDidTpxOJy6Xy7qWZdk6wZzrxCbvCY1JRNd1NE3LAWgSM69ngp+PgCiK1gF3NhFTzHvmO+Y3wCzw8xLIJpL5tYCZpEyw2f/nWt1ag2UtM0x3Mq1iAp1j+bH0M7KFCGWDnfmbd8AMnuxfUzL/C0rp/wFnFd4nEQn3XQAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.caution {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKdUlEQVRoge1Ze1AV1x3+zt279wEiDWCYGzRVktqa1MEmmtbWR22ncXxUrTDWV/5IqG2wUAUfmUwSkk6V+EAJCEQC6figwZBqZtRxqukftebRZBpFG1S0hiRErwiaKK977+6eX//YPXt37+UiIJlMZnpmdnb33PP4vt97z2VEhG9yc3zdAO60/Z/A192+8QScX8Wifr+fWltbzffU1FT4fD72Vew15ASampqovr4eBw8eNPvGjRuHzMxMmj9//tCTIKIhu958801yuVwEoNdr48aNNJT7EdHQEdi/fz/JshwTvLiKioqGlMSQLFJfX0+MMRvQsWNSqXLzH2jez78fRWLTpk1DRuKOF6irqyOn02kDOP8XGdTz+VFSP91Hatu79NRvZ0SR2LJly5CQuKPJtbW1JEmSDdivHp1AwctHSblYSsqFElLOF5PavIvWZU+LIrF169Y7JjHoibt3744CnzXrIQpeOUbKhVJSmkpIPV9MyrnNpJwtIuVSNa15/MdRJLZt23ZHJBjRwIu5N954gxYvXgzOudm3aO5E1L5SBNZ1HoxrINLAyH6HJxVP/WkXtu9+37ZeSUkJVq9ePagQO+BMXFNTEwV+ybxHsPeVIjg6zwOkgSWNhuOuUUBCKhxJY0AggDSgpwWbn1mO1csftq1ZUFCA0tLSQZXFA0pkVVVVlJOTA6vWsmY9hF07N0AS4OU48LgRWLO+FPFxboxMS8G5hlPYmPMI4jwM1P0Jtj67DJyrKHvtNADdjPPz8+FwOCgvL29gmuivrVVUVESFyqxZD1PoyjFSL+7QHbapmJTml+n9EzVRtl676ZekNKwl5VQ+KSfzKHR2E+UutodYxhiVl5cPyCf6ZUJlZWWUm5trk/wTi6bgtVdf1M2Gq2DEwUgDNBWhUDBqjfSRwwGoIOEP3c3Y/uxirFw0zibMvLw8VFZW9tucbkugoqKCVq1aZQO/YslUVJU+D9bVBIDroLgK4hygEDweybYGY8AD6d8yftfASL+j+2O89NwiPJk51kYiNzcXO3fu7BeJPgkUFxdTbm6ure/JZdNRub0QrOMcGFcBrgLgAHEAGqD2ID7OZZszJi0RcR6HAV4DkaqPJxXouoSywkz8buF9NhIrV65EVVXVbUnEJHDixAlat26drS9n+U+xo/hZMMNhyZA+uAbAIKOGMCJlmG3eA/clAYaJEamGBlRdC6QBXZewo3AhVswfbSORk5ODDz/8sE8SvRLw+/1UXV0dBb5MgOe6LUNIEqpOwgCUlOCESw4HuAfG3KX7B2kAGaTJ0Jro77yI8ucX4DfzRtlIHD58GH6/PyaJXgk0NjZi79695vuUiffrkr91Vt8cHAwc4FZJGiZEKqDcwsi0ZHP+d749POy8MS7iGtBxARWF8/CDsQnm3BdeeAHWj6N+EYhspSVbgI5zYYkZGmAwzIEbwA0tUM9NfO+7aeb89HuGRQBWLcSNZxj3zvOYMzk5NpjBEHi99mXD5lXdjqGDJh42h7CEOXhnK3448X5z/shUb1jSpIEM8yFuzOUcjAsNcnR0KXdG4MEHH8TEiRPN9z0H3sfRE41m+GNcs9i0LjkGTTcrUoGem5g7/V5z/ohElw4O+jxGYQ3qJqmBjN/+cbINtcfCJvPYY4+hr3qtVwI+n49lZmaa71fbbuH3hX/FycbPQKSCoIIMQEQcehjVo5Gw8/F33cSvH03H2HuHY1icQzcvYWKGIMiITMwQwjtnruPpqk9w/ZZq7p2RkYEJEyaAYrCIWY36/X7KyMhAW1ub2XfP3Qmo3ZKFaQ+P0gmYIdSoOkU4lWSwxGRAdqHL/xm86k27w0blAw3/PncD6yo/xrsfdZj7paSkoLGxESNGjAgDZsxWK8X0AZ/Px44fP460tLAzXrnWgUX5r+PYuxf1mG/Gf80sofWy2YuWbg/+uONtPLHhPRw+0WIHL8hbwG95rcUGPiEhAYcOHUJSUhI456YZRWqiz+8BIqLm5mZMmjQJN27cMPsTE9zYtWE25k4bYzh3mABIBRwOHPgPx+LH/6yDiXPi6pHZcEpk+I5qmtGpCzdQecCPPUevmevLsowjR45gypQpcDgc5mVowKaJmBoQTEePHo2GhgaMGxcuum52BLHsqUOoP3oWgLB9Sz7QgpgxJoThw/SSIutnaXBKZEpcgD998Uvs+3ubDbzT6URNTQ0mTZoEVVWhaRo459A0TeCy4etVA+JH8RvnHK2trZgzZw5Onz5tjnPJDrxSOAPLZt1nSVIqwDmIVJw6dx1nLt3A3J/cjZThkhE29cvf3o2KA59ja91lcz3GGDZv3oylS5fC7XbD6XTC6XRCkiRIktS7Jm5HQLDXNA3Xr19HVlYWPvjgA4vEGLav+RHmTxsJX4rb8AsO4kbOIG6GzTD4HvzlmB/PVH9q2zc/Px/Z2dnwer1wu92QZRkulwuSJEGWZZMEY8wkEGVCVvCCAOcciqIgPj4e+/btw9SpU83xqkpYteU9HHm7Bf62rnC2RjikisTFSMPV9m4ceucannvVDn7p0qVYuHAhgsEggsEgQqFQlAlZnVm0PjOxIKFpGogIqqrC5XKhuroa06dPt4wDcl78F+qPNeNKe6cRoTjsZYOKK+3dON7wBQrKm2H5pMbMmTOxZMkSBAIB9PT0oKenB4FAAIqiQFEUU4hRRyq3I2AlIZ4553A6nSgvL8fs2bNtY9eVNaDub58YmhDZWpe+v70bJ5tu4clt/4WihqU4efJkrFixAkRkAg4Gg1AUBaqqmuDF/pGtX7WQNXeIZ0mSUFRUhAULFtjGPl3ZiJdev4QrbZ16zUQqrrZ342JLN5ZvaEJ3ICz68ePHIycnB5qmmZIW4EOhUJTZWEKo+Rx1KsEYY9Zk4XA4IEmSKXnOuRkVJElCYWEhvF4v6urqzDVK9n2Mzu4Qnl5+L9q/7MHltgBWbr9kA5+eno7c3FzIsoyI5GrTeCzgosU8VmGMmSGLiEwSsixH2WNBQQEA2EhUH/wc7330BaaOH479/2zHtS/CFabP58OaNWvg9Xp1EE4nZFmGLMtwu93wer1wuVy2ECpJko2IiTNWJrZGI+HEwi6FisUVCAQQCASwZ88eVFZW9lk9JicnY/369fD5fPB4PCbo+Ph4k4TH44HL5YLX64XX6zXH9EKE9aUBRkTEGLNJP1Kd4nI4HMjOzkZ8fDyKi4ttJ3eiJSYmYu3atRg1apQJzuv1wuPxwOPxwOFwmEBFHnA6nXC5XGYSiywlbns2SnoDANN0hMNZnS0UCpkaOnPmDN566y20tLSY2ktLS8OMGTOQkpICt9uNuLg4M2EJ8CJZSZJkZmFBwkrAWpH2+3BXEBEkRIhTVdVMOCL5qKqKy5cvQ1EUaJoGVVWRnKx/Jlpt3eVy2QCKu9C68AFr9o0spwd0Oh1ZYggCIlNaiQktiXdhZgKQABcp3ci7LMtM7B0JfsAErJoAYItG1mdr+hfvVlACtHDIXkploYXbHvQOikDEe6/ZmjFmAhf9ZvJxOk2Qol88W4kYz32SGNQfHLG+TyMTkAVEr88xQfVnkBg7GAKixSIykDYQsL21/wFkW/B5QqT9lwAAAABJRU5ErkJggg==") no-repeat center center;
-}
-</style>
-</div>
-</div>
-<style type="text/css">
-.deck-container .deck-toc li a span{color: #888;display:inline;}
-</style>
-</body>
-</html>
diff --git a/Module_Secure_Storage_Slides.html b/Module_Secure_Storage_Slides.html
deleted file mode 100644
index 1d064e1..0000000
--- a/Module_Secure_Storage_Slides.html
+++ /dev/null
@@ -1,5535 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-        <meta charset="utf-8">
-        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
-        <title>Secure Application Storage</title>
-        <meta name="viewport" content="width=1024, user-scalable=no">
-        <meta name="generator" content="cdk" />
-        
-        <!-- Core and extension CSS files -->
-
-<style type="text/css">
-html, body {
-  height: 100%;
-  padding: 0;
-  margin: 0;
-}
-
-body.deck-container {
-  overflow-y: auto;
-  position: static;
-}
-
-.deck-container {
-  position: relative;
-  min-height: 100%;
-  margin: 0 auto;
-  padding: 0 48px;
-  font-size: 16px;
-  line-height: 1.25;
-  overflow: hidden;
-  /* Resets and base styles from HTML5 Boilerplate */
-  /* End HTML5 Boilerplate adaptations */
-}
-.js .deck-container {
-  visibility: hidden;
-}
-.ready .deck-container {
-  visibility: visible;
-}
-.touch .deck-container {
-  -webkit-text-size-adjust: none;
-  -moz-text-size-adjust: none;
-}
-.deck-container div, .deck-container span, .deck-container object, .deck-container iframe,
-.deck-container h1, .deck-container h2, .deck-container h3, .deck-container h4, .deck-container h5, .deck-container h6, .deck-container p, .deck-container blockquote, .deck-container pre,
-.deck-container abbr, .deck-container address, .deck-container cite, .deck-container code, .deck-container del, .deck-container dfn, .deck-container em, .deck-container img, .deck-container ins, .deck-container kbd, .deck-container q, .deck-container samp,
-.deck-container small, .deck-container strong, .deck-container sub, .deck-container sup, .deck-container var, .deck-container b, .deck-container i, .deck-container dl, .deck-container dt, .deck-container dd, .deck-container ol, .deck-container ul, .deck-container li,
-.deck-container fieldset, .deck-container form, .deck-container label, .deck-container legend,
-.deck-container table, .deck-container caption, .deck-container tbody, .deck-container tfoot, .deck-container thead, .deck-container tr, .deck-container th, .deck-container td,
-.deck-container article, .deck-container aside, .deck-container canvas, .deck-container details, .deck-container figcaption, .deck-container figure,
-.deck-container footer, .deck-container header, .deck-container hgroup, .deck-container menu, .deck-container nav, .deck-container section, .deck-container summary,
-.deck-container time, .deck-container mark, .deck-container audio, .deck-container video {
-  margin: 0;
-  padding: 0;
-  border: 0;
-  font-size: 100%;
-  font: inherit;
-  vertical-align: baseline;
-}
-.deck-container article, .deck-container aside, .deck-container details, .deck-container figcaption, .deck-container figure,
-.deck-container footer, .deck-container header, .deck-container hgroup, .deck-container menu, .deck-container nav, .deck-container section {
-  display: block;
-}
-.deck-container blockquote, .deck-container q {
-  quotes: none;
-}
-.deck-container blockquote:before, .deck-container blockquote:after, .deck-container q:before, .deck-container q:after {
-  content: "";
-  content: none;
-}
-.deck-container ins {
-  background-color: #ff9;
-  color: #000;
-  text-decoration: none;
-}
-.deck-container mark {
-  background-color: #ff9;
-  color: #000;
-  font-style: italic;
-  font-weight: bold;
-}
-.deck-container del {
-  text-decoration: line-through;
-}
-.deck-container abbr[title], .deck-container dfn[title] {
-  border-bottom: 1px dotted;
-  cursor: help;
-}
-.deck-container table {
-  border-collapse: collapse;
-  border-spacing: 0;
-}
-.deck-container hr {
-  display: block;
-  height: 1px;
-  border: 0;
-  border-top: 1px solid #ccc;
-  margin: 1em 0;
-  padding: 0;
-}
-.deck-container input, .deck-container select {
-  vertical-align: middle;
-}
-.deck-container select, .deck-container input, .deck-container textarea, .deck-container button {
-  font: 99% sans-serif;
-}
-.deck-container pre, .deck-container code, .deck-container kbd, .deck-container samp {
-  font-family: monospace, sans-serif;
-}
-.deck-container a {
-  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
-}
-.deck-container a:hover, .deck-container a:active {
-  outline: none;
-}
-.deck-container ul, .deck-container ol {
-  margin-left: 2em;
-  vertical-align: top;
-}
-.deck-container ol {
-  list-style-type: decimal;
-}
-.deck-container nav ul, .deck-container nav li {
-  margin: 0;
-  list-style: none;
-  list-style-image: none;
-}
-.deck-container small {
-  font-size: 85%;
-}
-.deck-container strong, .deck-container th {
-  font-weight: bold;
-}
-.deck-container td {
-  vertical-align: top;
-}
-.deck-container sub, .deck-container sup {
-  font-size: 75%;
-  line-height: 0;
-  position: relative;
-}
-.deck-container sup {
-  top: -0.5em;
-}
-.deck-container sub {
-  bottom: -0.25em;
-}
-.deck-container textarea {
-  overflow: auto;
-}
-.ie6 .deck-container legend, .ie7 .deck-container legend {
-  margin-left: -7px;
-}
-.deck-container input[type="radio"] {
-  vertical-align: text-bottom;
-}
-.deck-container input[type="checkbox"] {
-  vertical-align: bottom;
-}
-.ie7 .deck-container input[type="checkbox"] {
-  vertical-align: baseline;
-}
-.ie6 .deck-container input {
-  vertical-align: text-bottom;
-}
-.deck-container label, .deck-container input[type="button"], .deck-container input[type="submit"], .deck-container input[type="image"], .deck-container button {
-  cursor: pointer;
-}
-.deck-container button, .deck-container input, .deck-container select, .deck-container textarea {
-  margin: 0;
-}
-.deck-container input:invalid, .deck-container textarea:invalid {
-  border-radius: 1px;
-  -moz-box-shadow: 0px 0px 5px red;
-  -webkit-box-shadow: 0px 0px 5px red;
-  box-shadow: 0px 0px 5px red;
-}
-.deck-container input:invalid .no-boxshadow, .deck-container textarea:invalid .no-boxshadow {
-  background-color: #f0dddd;
-}
-.deck-container button {
-  width: auto;
-  overflow: visible;
-}
-.ie7 .deck-container img {
-  -ms-interpolation-mode: bicubic;
-}
-.deck-container, .deck-container select, .deck-container input, .deck-container textarea {
-  color: #444;
-}
-.deck-container a {
-  color: #607890;
-}
-.deck-container a:hover, .deck-container a:focus {
-  color: #036;
-}
-.deck-container a:link {
-  -webkit-tap-highlight-color: #fff;
-}
-.deck-container.deck-loading {
-  display: none;
-}
-
-.slide {
-  width: auto;
-  min-height: 100%;
-  position: relative;
-}
-.slide h1 {
-  font-size: 4.5em;
-}
-.slide h1, .slide .vcenter {
-  font-weight: bold;
-  text-align: center;
-  padding-top: 1em;
-  max-height: 100%;
-}
-.csstransforms .slide h1, .csstransforms .slide .vcenter {
-  padding: 0 48px;
-  position: absolute;
-  left: 0;
-  right: 0;
-  top: 50%;
-  -webkit-transform: translate(0, -50%);
-  -moz-transform: translate(0, -50%);
-  -ms-transform: translate(0, -50%);
-  -o-transform: translate(0, -50%);
-  transform: translate(0, -50%);
-}
-.slide .vcenter h1 {
-  position: relative;
-  top: auto;
-  padding: 0;
-  -webkit-transform: none;
-  -moz-transform: none;
-  -ms-transform: none;
-  -o-transform: none;
-  transform: none;
-}
-.slide h2 {
-  font-size: 2.25em;
-  font-weight: bold;
-  padding-top: .5em;
-  margin: 0 0 .66666em 0;
-  border-bottom: 3px solid #888;
-}
-.slide h3 {
-  font-size: 1.4375em;
-  font-weight: bold;
-  margin-bottom: .30435em;
-}
-.slide h4 {
-  font-size: 1.25em;
-  font-weight: bold;
-  margin-bottom: .25em;
-}
-.slide h5 {
-  font-size: 1.125em;
-  font-weight: bold;
-  margin-bottom: .2222em;
-}
-.slide h6 {
-  font-size: 1em;
-  font-weight: bold;
-}
-.slide img, .slide iframe, .slide video {
-  display: block;
-  max-width: 100%;
-}
-.slide video, .slide iframe, .slide img {
-  display: block;
-  margin: 0 auto;
-}
-.slide p, .slide blockquote, .slide iframe, .slide img, .slide ul, .slide ol, .slide pre, .slide video {
-  margin-bottom: 1em;
-}
-.slide pre {
-  white-space: pre;
-  white-space: pre-wrap;
-  word-wrap: break-word;
-  padding: 1em;
-  border: 1px solid #888;
-}
-.slide em {
-  font-style: italic;
-}
-.slide li {
-  padding: .25em 0;
-  vertical-align: middle;
-}
-
-.deck-before, .deck-previous, .deck-next, .deck-after {
-  position: absolute;
-  left: -999em;
-  top: -999em;
-}
-
-.deck-current {
-  z-index: 2;
-}
-
-.slide .slide {
-  visibility: hidden;
-  position: static;
-  min-height: 0;
-}
-
-.deck-child-current {
-  position: static;
-  z-index: 2;
-}
-.deck-child-current .slide {
-  visibility: hidden;
-}
-.deck-child-current .deck-previous, .deck-child-current .deck-before, .deck-child-current .deck-current {
-  visibility: visible;
-}
-
-@media screen and (max-device-width: 480px) {
-  /* html { -webkit-text-size-adjust:none; -ms-text-size-adjust:none; } */
-}
-@media print {
-  * {
-    background: transparent !important;
-    color: black !important;
-    text-shadow: none !important;
-    filter: none !important;
-    -ms-filter: none !important;
-    -webkit-box-reflect: none !important;
-    -moz-box-reflect: none !important;
-    -webkit-box-shadow: none !important;
-    -moz-box-shadow: none !important;
-    box-shadow: none !important;
-  }
-  * :before, * :after {
-    display: none !important;
-  }
-
-  a, a:visited {
-    color: #444 !important;
-    text-decoration: underline;
-  }
-
-  a[href]:after {
-    content: " (" attr(href) ")";
-  }
-
-  abbr[title]:after {
-    content: " (" attr(title) ")";
-  }
-
-  .ir a:after, a[href^="javascript:"]:after, a[href^="#"]:after {
-    content: "";
-  }
-
-  pre, blockquote {
-    border: 1px solid #999;
-    page-break-inside: avoid;
-  }
-
-  thead {
-    display: table-header-group;
-  }
-
-  tr, img {
-    page-break-inside: avoid;
-  }
-
-  @page {
-    margin: 0.5cm;
-}
-
-  p, h2, h3 {
-    orphans: 3;
-    widows: 3;
-  }
-
-  h2, h3 {
-    page-break-after: avoid;
-  }
-
-  .slide {
-    position: static !important;
-    visibility: visible !important;
-    display: block !important;
-    -webkit-transform: none !important;
-    -moz-transform: none !important;
-    -o-transform: none !important;
-    -ms-transform: none !important;
-    transform: none !important;
-    opacity: 1 !important;
-  }
-
-  h1, .vcenter {
-    -webkit-transform: none !important;
-    -moz-transform: none !important;
-    -o-transform: none !important;
-    -ms-transform: none !important;
-    transform: none !important;
-    padding: 0 !important;
-    position: static !important;
-  }
-
-  .deck-container > .slide {
-    page-break-after: always;
-  }
-
-  .deck-container {
-    width: 100% !important;
-    height: auto !important;
-    padding: 0 !important;
-    display: block !important;
-  }
-
-  script {
-    display: none;
-  }
-}
-</style>
-<style type="text/css">
-.deck-container .goto-form {
-  position: absolute;
-  z-index: 3;
-  bottom: 10px;
-  left: 50%;
-  height: 1.75em;
-  margin: 0 0 0 -9.125em;
-  line-height: 1.75em;
-  padding: 0.625em;
-  display: none;
-  background: #ccc;
-  overflow: hidden;
-}
-.borderradius .deck-container .goto-form {
-  -webkit-border-radius: 10px;
-  -moz-border-radius: 10px;
-  border-radius: 10px;
-}
-.deck-container .goto-form label {
-  font-weight: bold;
-}
-.deck-container .goto-form label, .deck-container .goto-form input {
-  display: inline-block;
-  font-family: inherit;
-}
-
-.deck-goto .goto-form {
-  display: block;
-}
-
-#goto-slide {
-  width: 8.375em;
-  margin: 0 0.625em;
-  height: 1.4375em;
-}
-
-@media print {
-  .goto-form, #goto-slide {
-    display: none !important;
-  }
-}
-</style>
-<style type="text/css">
-.deck-menu .slide {
-  background: #eee;
-  position: relative;
-  left: 0;
-  top: 0;
-  visibility: visible;
-  cursor: pointer;
-}
-.no-csstransforms .deck-menu > .slide {
-  float: left;
-  width: 22%;
-  height: 22%;
-  min-height: 0;
-  margin: 1%;
-  font-size: 0.22em;
-  overflow: hidden;
-  padding: 0 0.5%;
-}
-.csstransforms .deck-menu > .slide {
-  -webkit-transform: scale(0.22) !important;
-  -moz-transform: scale(0.22) !important;
-  -o-transform: scale(0.22) !important;
-  -ms-transform: scale(0.22) !important;
-  transform: scale(0.22) !important;
-  -webkit-transform-origin: 0 0;
-  -moz-transform-origin: 0 0;
-  -o-transform-origin: 0 0;
-  -ms-transform-origin: 0 0;
-  transform-origin: 0 0;
-  -webkit-box-sizing: border-box;
-  -moz-box-sizing: border-box;
-  box-sizing: border-box;
-  width: 100%;
-  height: 100%;
-  overflow: hidden;
-  padding: 0 48px;
-  margin: 12px;
-}
-.deck-menu iframe, .deck-menu img, .deck-menu video {
-  max-width: 100%;
-}
-.deck-menu .deck-current, .no-touch .deck-menu .slide:hover {
-  background: #ddf;
-}
-.deck-menu.deck-container:hover .deck-prev-link, .deck-menu.deck-container:hover .deck-next-link {
-  display: none;
-}
-</style>
-<style type="text/css">
-.deck-container .deck-prev-link, .deck-container .deck-next-link {
-  display: none;
-  position: absolute;
-  z-index: 3;
-  top: 50%;
-  width: 32px;
-  height: 32px;
-  margin-top: -16px;
-  font-size: 20px;
-  font-weight: bold;
-  line-height: 32px;
-  vertical-align: middle;
-  text-align: center;
-  text-decoration: none;
-  color: #fff;
-  background: #888;
-}
-.borderradius .deck-container .deck-prev-link, .borderradius .deck-container .deck-next-link {
-  -webkit-border-radius: 16px;
-  -moz-border-radius: 16px;
-  border-radius: 16px;
-}
-.deck-container .deck-prev-link:hover, .deck-container .deck-prev-link:focus, .deck-container .deck-prev-link:active, .deck-container .deck-prev-link:visited, .deck-container .deck-next-link:hover, .deck-container .deck-next-link:focus, .deck-container .deck-next-link:active, .deck-container .deck-next-link:visited {
-  color: #fff;
-}
-.deck-container .deck-prev-link {
-  left: 8px;
-}
-.deck-container .deck-next-link {
-  right: 8px;
-}
-.deck-container:hover .deck-prev-link, .deck-container:hover .deck-next-link {
-  display: block;
-}
-.deck-container:hover .deck-prev-link.deck-nav-disabled, .touch .deck-container:hover .deck-prev-link, .deck-container:hover .deck-next-link.deck-nav-disabled, .touch .deck-container:hover .deck-next-link {
-  display: none;
-}
-
-@media print {
-  .deck-prev-link, .deck-next-link {
-    display: none !important;
-  }
-}
-</style>
-<style type="text/css">
-.deck-container .deck-status {
-  position: absolute;
-  bottom: 10px;
-  right: 5px;
-  color: #888;
-  z-index: 3;
-  margin: 0;
-}
-
-body.deck-container .deck-status {
-  position: fixed;
-}
-
-@media print {
-  .deck-status {
-    display: none;
-  }
-}
-</style>
-<style type="text/css">
-td.icon {
-  height: 50px;
-  width: 60px !important;
-}
-.icon.tip {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKZUlEQVRoge2aa3BU5RmAn3Pbs7fsJmwCRGITk0hVLFAtNWoq6pAiU0cKaYfa6ShT+YN4YbQw9F/8QX+UMv6gM3Q6oxMV6TgIbe10Gq2gcSzDpRaFgmIk4SKB3LP3Pff+SM66m+xuFvEyzvSbeefsbva8+z7nvXzf934RHMfhmzzEr9uAqx3/B/i6xzceQP6iFDmT1cBxHNzCkFsgBEHIXnNeC1f7u1cN4DiOY9s2rliWhWVZWRDHcbJGC4KAJElIkoQoioii6IiieFUgnxvAtm3HNdg0Tbq6uuju7ubYsWP09vYyMjKCpmmoqkokEqGhoYGFCxfS2tpKW1sbiqJkRZIkZxLoikGEK50H3CdumiZ9fX3s3LmT3bt3U1V3A0033cKc2nkEQxV4PSqSJOI4Dpquk0gkGLx8kZ4T7zF87iSrV69m3bp1NDY2oqoqHo8HWZa5Uo9cEYBt245lWRiGQUdHB9u2beOe1Y8w/6bFVAT9xJJpYvEUiVSGjG5gmBY4DqIoonoUfF4PoYAfRRE5/8kp3njlD6xfv54tW7YQCATw+XyuR8r2RtkAtm07pmly5MgRHn/8cZSaZpbcfjd+n5f+wVEGRqJkdCMv3vME8t77vB6qQn4+OX6YsXPH2bp1Ky0tLQQCAVRVdb0xI0RZZdQ1ft++fSxbtozrlqzgrnvvI5nRee9UL+f6h9B0A1EQEIsBiOKETL7XdJOBkTg1jYtouu1+1qxZw549e4hGo6TTaUzTxLbtGZ/ujEmca/wvHnqYnz/2DLNn19B74TIDI9HPjCvwlLMls4RHdMNC8IRZ8dBmnnp6E7Zts2rVKgB8Ph+yLDulPFEyhBzHcUzT5PDhwyxbtow1j3YQqanmozOfEk2kChuLQ3x0lGQihmM7qF4vVdWz8fr9hYFyoK30OG/ufpYXXniB1tZWwuEwXq8XWZaLJnZJAMuyHE3TuPPOO2lcsoLGpmZO9ZzPM37q0x0ZuISla2xY2077j5ZSFargZM9Znt97gE8uDBb3ziRIfPAcF4/v59VXX6W6uppQKISqqkiSVBCgaA64odPR0YFS00xjUzNnLlwmmkznxbKYI45jk04mefaZJ3j04VXMqZ6Fx6Pw3QXXs/3Xv6Tp2rnTALL3T8wDBCLz8M2Zz/bt24nFYjPmQ0EAt9b39fWxbds2ltxxD0NjMQbdmC+QlIIgIIkSoWCAH971/Wk6PYrCg/f/oHiVmhSP6qWm/gY6Ozvp6ekhmUyi6zq2bWeXK+UAYFkWO3fu5N72dQT8Pi5cGp6xuoiiiBoMktH0gl5trp87DbqQBEMRbl32U3bt2kUikUDTtOzypGwAwzDYvXs3316wiEuDoxiGWVaZrAjP4qW/vFUQ4NAHPdlwKQWiqF4qa+ro6uoikUiQTqcxDKM8ADd8Xn/9dWZdewMVwSCDo7GicT8NSBTZt/8oT259jgOHThBNpIgmUjy3dz/P7z2Qr2My7gs9FNUXoPpbN9Ld3Z0FKBRG0+YBN3y6u7tpWnAr8WR6+gxLfr03TYNMMolhGFimiWVbXDzbx4G3/4XgOIiyTF3DdW45nHG2RhBQfX6q65o5evQoy5cvn9BtWUiSRG5FLQhg2zbHjh3j+tsfKFrv3R8EGL7UT23NLNraWmi+ro5r5kSYHakiVOHH7/OiyDKxZIonf9NJIpWZMQcEwOPx4vNXcPr0B2QymdxEzrO34ExsWRa9vb3csjzEaP9w1sUFZ1RBQJJk/vjbTdTXzS2kDoBQwI9HmcEDOSJ7PAiiSH9/P7quY5omlmVN01soB3Ach5GREbyqiqabM8a+NxAglcmvPOf7h9jR+WdOfNQLwNtHTzIeT+XFfdGCIAiIogSOQzQaxTRNdy4ozwO2baNpGpIkY1j2RAJTeJ0jCAKRmtmcPHORmkglxz48y/5DJ3jrnUPMb7iGxx7+MZZls/efR0rG/VQPgwMC2eQtZHxRAABVVbM3lEpgV178azcvvfYOgiCgZTJomsbGR9oRBIHzl4YYGo2VlcCuWOaE5xVFwbbtqVHiCJOZXBQgEomg6zqSKOIUMrqER+LRKItvaubW78wH4NLQWNmx7+q1DB1ZkgmFQohifqS7xhcFEEWRhoYGEokEqkeeWPLmurcEiGPbpJJJfvbAPVl95/qHJyYvmH5/EdG1FA5QW1ubzZvc8pm1deoHroKFCxcycPkiPlWdnmC5iTxlVk2n0wT9Xu69Y3FW51g8OfH3ye+WnAgnRcukyKQSNDU1Icty7n65NACAJEm0trbSc/zfVAT9JZ/U1NWklslwx/duxqMoWX0Zzcy/bwr0VCDT0NDTSS6f/ZBFixZlN/ySJJXnAVEUaWtrY6DvOIoiFlx5FhPLsrjl5uvzdPq8nsLfL6I3FR1FlhUG+v5LS0tLtmtRlgcEYaL5pCgKq1ev5lzPKfxeT8FwKSQA115Tk6eztjpcsubn6rUMnfj4MLHxIZYuXYrX683rVpQDIIiiiKIorFu3jn+8vIPKCt+0cCkG4m4Bc0fd3OqCoVIIJDo2iCQrvPu3F1m5cmVeu6VQz6hgDrj1t7GxkfXr1/Px+wdRPcr02C+wmgxVVnLm3KU8ffNmVxX03lSgRHSEVGycoYt9tLe3U19fTzAYzAKUVYVyw0hVVbZs2cJw7/uYyZGSIeCCeFWVd499jGGaWX1zq8OfrYOKeC+TijM+cBHHsRju/Q9r164lFAoRDAbdPfEVAQiiKOLxeAgEAmzdupW/v/A7RLPEyjTHuGjKYMfLb3B5eBzdMNl/+CSmZReN+0wqztDFs4iSxIE9O9mwYQPhcJhwOEwgEMhN4GkEZXUlYrEYe/bs4elfbWLFQ5tQKyJlVaRy+kSJ6AhjA58iihJdf9rBUxufYPny5cyZM6esrkTJxpabzIFAgFWrVmHbNps3b+bun6wnVF2H4lHLmlULgZiGTmxkgGR8DNu2efOV3/PUxo20tbURiUSorKwkEAhkk7fYmLE36rZX0uk00WiUgwcP0tHRQcW8G5ndsIBgaBYe1TvtyRYDMXWNZGyU+Ngwkiwz+GkfQ73vsWHDBhYvXkwkEmHWrFmEw2G3M1eyR1pWczcXIh6PMz4+zvbt2+ns7OS2+x6kanYdqjeA1xdAUb3IioIoSjg42JaJaejomTRaOoGeTiHJEvGxYd55rZP29nbWrl1LOBymqqqKyspKKioqyjK+bIBcCE3TSCaTxGIxenp62LVrF11dXdTUL2BO/Xx8/goEUcSxbYSJ2EGS5IlzgnSC/r4PuXzmOEuXLmXlypXU19cTCoUIh8OEQqEr7k5/7vOBdDpNMpkkkUiQSCTo7u7m6NGjnD59mv7+fqLRKIZhoCgKoVCI2tpampqaWLRoES0tLfh8Pvx+P8FgkGAw+OWfD7gj94RG13U0TSOdTpNOp8lMbmQ0TcvbArrrK1mW8Xg8eL3e7BLB5/N9dSc0uSP3jMwwjKy4G3AXwB0ugAsx5YzMndW//DOy3OFMjGwrxrKs7NX9LBfAneFFUcxec6rU5zqpvCqAqTCT16/0nPgLA/i6xjf+Xw3+B2ll/uiqTaJTAAAAAElFTkSuQmCC") no-repeat center center;
-}
-.icon.note {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAJhUlEQVRoge2ZWWycVxXHf+fce7/vm/GaGCde4pI0aQlJC0kRtE1L00JbLIjY4QkeUB9YHhAIJFCExAsKUkE8IAFFPIDUIqhBRSDRBUqCCimFFBCBpCWx02IaZ3G2SdyxPZ7vHh6+mcnSZnFjKIge6Wj8zYzvPf9z/me5d8TM+F8WfbkNuFx5BcDLLf/fAEZGRmx4eNh6enqsp6fHhoeHbWRk5D9aFeSlVqHNmzfb6H33sHnT7ZQmD5GfOMax6Sm+Pl5h1Yc+xpYtW2SBbX1ReUkRGBkZsdH77mHLW95EOv4Ms3ueJh6YYPHUFF9aljJ63z3cf//9/5FIvKQIDA8P293L2yhVjjH7t51ocDiviFecF46n7XzBreChhx4qNhH5t0XjJUVgx44ddGUZ9b/vIpQDoRQIWSDJAiFL6B9axo4dO4gxAmANWVDLG+Ln82URMRGhVCqRHxonlAPqFXWKC4r6IhI6OMjMzBN4/4LlTUQQEZxzZ32QJAlpmrb+p16vU6vVOHXq1AWjN18AnDj0F971vrs4OnmYJVkoDA4FCPUO172ICgnt7SV++4vvsGhRJx3tJbIsRVVpsUnOBBABBVFEClKYwbKr7sTM7EIUnBcA7z21k7t49x1X8JXvbOWra7rw5QRtcN8PLCfvvZJvb9vJycpJpg4/hp/N0I4SMQs4Jw0A5zBXHGiCaIZIKABgpGlKjPEF0TpT5pUDRXiVt99+Le03r+WzuytM1gO6pB/3+o0cbxvk8yOPMjW6i2iR2lxOjJDHSDMFogmGwzQ7rRJAUpAENAGXIZq2AFzQpvkACCEQcahP+cRH3sKHn9zHXU+MM7rtGeD33NDXzaZynZU9gcezpUw9X6OzIyOakkfF4QEpPG6nDRNNEA2FSgKimETSNCXPc0II57VpXhEolUqoOrxPSLOMT330Dv5SqfKDNR388Y2L+caQsjITNv3pMBs3rOT56ZyZGaM+J0QUxDc0INrWUgggoRGBAOIRAt77hY1AmqaoeJxPcN645jVDbNn8Hj73o8fZ/af9mEE9j9y2YRXt5YzZWmRmzjj1/BwhTXAKzitOHEbeWlc0AVwDnCv8KoZzjotV33lTSL1HNKAuEtKM1169jM98/E6mTk3x4Nbd7Bk7TEdHRvAeVY+hmDqmZwx1kIkiqrhzS2zL+AbNMC6l/80LgHMOEY9oQvBCks5RKpXo7JhFxbhz42pet2aQet1YtLiDJAkIDq8BHwJmwlwOUaD0ojsrNKuUReIZyb9gABCHcwWFgg+0lTPyvIRToVzKWLpkMfV6REQplYvmZCj1uuBUSdJwTg8AXBdoCZMOsBkQBeGi/J83gBgjmABC8AlJGsjzFLMyaXDM1etEA0VR50iCx6mSZhkiijpPjEpQD+SF4WdJrTAewdCFB1CtVlFVVATnhMQnWJqC5aTBk+c5IIgWRoTgSZJAmiZAo1s7hwsppglI+fTiljeYnyHkLQotKIAYI4igzpFHISQOiwEnKTEG8hhRVZw6YjRQLfJGHcF7jleqTBw8znXr12MABnv37efYiSnesG4tiUsRUQwD7JIAzKsPqCqiRbVwweM04XdPjhJN+dvTBxgbn6G9q59yZx9/3HWEb33vN+zc/RzOJ+w/eJLtO8Z5ZNtT7PvHIUQTvvv9X/Lc/mN0d3by3fseRLQwvWh0Fy+h8wbQ2VFG1KM+xfuAqufo8So/fejPPD/rqJys8pvf7eLAoeNMHqnw2U9+kH3jVQ5MClMzKUla5obr13HliiEMmDx6gltvuY7Vr1nBQF8PJopQ9AFTt/AROFfMjCW9XTy19xB33Hodb924jr1j+/nDk3/nzTdei4jw3nfeyCOPbufa1y5jzeoVrcHM8HR3dfHlr/2Q+x94jFtuuh44/9B2PplXDryYLF3STXd3e+t5UXcHY89OsOH6NS2Qed7wpM1Rm50G4MGHH2P961Zy3bqreXrPP5mrzwLt5y6/cACq1eoLCKm+TN/SAebmfn8aUG83PYs7+cnPH+eqKwd5as8/edc7bi02847pmVkATk1VWbF8AOcca1Yv59DkqcYK0tCL02deACqVCldc0YdIwLmEPM9RV6NnUZlPf3wT6oqJcePN6wHhzTeu4/CRCrfctJ4sSxBRli7pYfHEMUSU97/7Th751RP8eec+Yp5zzTVXM9DfDyogBvHS6HTJACYmJnjVoq5GFw0454gCEOnoaMfiNGZFFRFxJGkbywZ6i1NWoy9kWYmbb1gHKCHApuGbisVFGyoYUswa5OR5ftF56JIBjI6OMtDfWwAQ35jnc8AVpRXBohVqUowECKqK4RBxoE0W6gvGCcEjaOEAwEQWdpgbGxujt7erOLO2mk3R8i0Wz9EiuUGz+qlKEQEUaJbI4lTHmTVePKgWzpDGJGpc8CDTlEsuo88++wxXDA0UIUbAOP23KGZKjI48KnkuhcbiPbPCOBoeBikOLk2VxjqNRilaAEqSZGEAbN261bZt+zW33XY7IAXXm6Ou0YhIMamaaUOl5WRrzg00viuKWWxpQUOHNAZFQRpD48Xlkig0MTHBB95zG+VSylz1KCbWyDOh2XyK+56IqjWMKigkUnzWnPPFFFRRLZ29SQRUELOGY4pZ6LKOlM07mZ07d/KOtw1TcB4sGkTDiDQ9K1IkrKeYmQC08d7pZLSiRBpE5s7aS0XAHFEKAGY51Wr18g80Zmb33nsvX/z8XdSmj2AWOXhwkrxe46+79jB55Dh/3T2GxUhHextdXW2sXN7PNWtWIQKDA71FFBoAjIgQkVg/a5+oHrU5zIznDhxk964xKpXKggAoTlWW8+OfPorlOQ//cjsDy1bS2dFOW+diVly1iL6+Pqanpzl5qsL4pPHwN3/G1InDlMsZ7Z1tDA30cfWqIa5dexV9fb2YnT7UTxw4xsHJo4yOjfOP8QOMjx/k4OQx7r777lY0zycXvJ02M4sxMjg4SL1eR0TYsGEDw8PD9PX10d7ejogUN3a1GqpKCIE8z5mdnUVVqVarbN++nba2Nvbu3csDDzyAqrJ8+atb+zjn6e/vZ/Xq1axatYq1a9fS29tLlmUMDQ1RKpXOm9EXvV6v1+tWr9eZnp5mZmaGWq1GjLHF62aiNZ+bnPfe45xrvTZzxMyYmZk56+LXzKjX661DvHOOJElIkoRSqYT3/vLvRlW15eHCa4VxzdvmpjZDfubzuXeb3vuzqCEixBhbo0NTkyS5PAr9L8j/96+U/w3yCoCXW14B8HLLvwDd67nwZIEPdgAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.warning {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAMVUlEQVRogdWZeXDVVZbHP7/f27JBwtJIiCERRFlbx5FuHRrRBgtBsRIwCCOrFmGmiDBjYVNlQlgiQjU6IjI4xLJxGf5QGp0Cbaftsu3Rhu6aYXqgLZoWEsjyyDP7S972e7/l3vnj5cW3Ji9M/zOn6lRS997fvd/vueece+59ipSS/89iv5mPZEQQQsS23RQARVEAUFUVRVFQog0ZyogJSClld3c327Ztw7IsLMuKto90KgBsNhtVVVXMnj2bvLw87Ha7HBEJKWXGKoSQXV1dcsuWLfLSpUsyKkKIIdWyrLTqdrvlU089Jc+cOSM9Ho8Mh8NSCCEzxTRi8JWVlbKtre0vAt6yLGmapmxtbZXr1q2TZ86ckW1tbSMikTH4GzduyKqqqkHwsSA1TZOhUChOg8HgoBqGIQ3DSAk+VleuXDliEspwviullD09PbzwwgscO3Yszt91XScQCNDZ2YlhGIPfuFwu7Pb48FJVlZycnEG/z8/PRwiBqqqDYzweD88//zyrV69m7ty5jBs3DofDMWRgD0lASik9Hg979uzh2LFjcYEaCoVob2/n2q9+hbZ585BGSCWltbVMr61NtSYbN25k7dq1zJkzZ1gSaqrGWPD79+9PAh8MBuns7OTie+8R2rwZCYOaqTTt3cuf6+qSwAMcP36co0eP8vXXX9Pd3Y1hGMg0lk65A1HwdXV1vPHGG0mW7+jo4A8/+xn2BAAAI0riQOnu3cyork7Zt3btWtavX89dd92VdieSCEgppdvt5sCBAxw5ciSuLxQK0dTURMOHHyJ37hwh1NSiAKU7djDzxRdT9q9YsYJt27YxY8aMlCTiCEgp5eXLl6mvr+fVV1+NmygYDNLW1sY3J09ipLEYQDPw2sBfCTwMLARKgKwhiNxWU8OsXbvi2qLYnnzySSorK1PvRGyqvH79uty6dWtSLg8EAvLKlSvyo1275M8hSV8H+eMBvRPkP9Vslp0tV6W3u12+c7hOTgT5NyAXgtwE8gTIUyn0D9XV0jAMqet6klZUVMjPP/88KcWqUcs3NjZy+PBhDh06FGeFqNtcOnECY8+euICVwDWgFtj/m1/wD+8f5xtg6uy5ZI+5BSkkU6fexgu7tvLWhd/x1tXL5P/905wAggnzSODavn388Sc/SblDL7/8Mq+99hqXL1+OC2zb7t27uX79+u7Dhw+ndJvW1lYaP/qI0EDKS1z0XeDjC7/l9llz+d6EWxjv0imdcgeFRcVofR46vm1Cx8ndP5hP3qjR/GDuX/GbC5/iberl1qirxGjv73+PYRjc8tBDcVhGjRpFRUUF27dvp7i4mPz8fFwuV2QHVq1aldLyDQ0NXDt5En91NRIQCRqNHld2HsLUCfu6GD9mNIoVQggDy9RQpYLTbkdV7Vh6CH9vJ/fcfz/vALsAN2AlzHv1wAEu1tTExUI0Hl555RXq6upobm4mEAhECEyePDkOvK7rtLS0cOP0aby1tUnAo2oNkFAUSTjoRfN+ix7wgjRBShACVVFQRGSkHvTypwtnmXHPQhrbb3D0k1McAdpiDBLVhp/+lIvV1UlV7oQJE8jNzcXtduPz+ZIPMtM0aWhooPH99+mtrU1ymVRqUxUQFlJYSBFGCivGOSyEaSCFAGlhd+Vy7w/n43BmM3POXWx69hl8AyMTDXTl4EEu7t2bCBGAQCCAruupCdjtdrp3705r+ViN22YhsUwdyzRBCpACyzIRMnpngCxXNjYlMk4L+ggoYXxp5pbAlX37cDgcSQSEEAxmoVgQg/9nAP67bVdAUcFmQ3W6IgtIiWUKLCGwLGvQj69e+m+EsBB6iGB/N/3e9oyNlIgRYm5kiR2JH0L6MkFYEi0UQKAycdJUbIodT3Mjpu6n3xfCptoRlomQCqZpRkhLCykMhLBQSV1HJbalKnvSF3MpNO0OSIEwDWyuPCaVzCRv7ER8Ph+mtJM35lZsdjvuxktYhobDkYOCgqJEDWLLaAfSVc1p78SJO2AAvUBggLUNKIx2Kgqjv3crY2wOiqaqKKoKihKJCctCC/npbW+jq7sbS7UjkGCZCCkQQkdJsV6mRWHGBH4HLHpxF3LcGDq6u7nw2S85++V/4gb0kB9hFoAZwuZwgc2BqjpQVRWbzYXd4cDlysHn7WJi0W2EfH24XA6EjKySqhTPtDRPIjB4XUtoPw3sKV/O+KJipJT4V63mq3/7Obu21/LN/5xl9l/PIys7G2fOaBS7E5vNQrU7UW0KNlUFp5P8MeO5/8HFhPo7CXr7MMIaQW8neSkMlqnEEYj1s8QJbwXaWpopmDgJh93OqHGFLFy9jjunTeHNo2uAvUy54/uMuaUYV24BUpVYpoVEwaY4UVUbitNJ9ugxOBw2tEAPfX29QCjuVB9OEmNBTdeRGEj3A56OdkwtgDDCCKFjz8ql6N55/G3VcRouX+SXH72Ht6udcCg4cJiJSPIn8oCloIKUKAhURUUIiVCjx128pjtrEiVtFkrMNNOBA+s34XG3YIRDSMtAkSbOrDzuvOchHnmiklEFY3n76G7Of/nv9Ht7EMJCSjGoljCxjOBAnaSjhYPowevDZrx04FMSGLwnJEzmAOYCn33wAUYoiGXoSMsEoeNwZTO2aDrzFpWxck0VJVOn4fd2E/T7oneNyOFlGkjLwNTD6FoILRQEa/hDcyhJIuB0OlFVNeVE04B3XjnC+d9+hRYKYJlhpDBBGDidDiaUfp/xk24nJ3c0eaPzsKsgzEhtZJkGIuzDNDRCAR99fb309XYhNAYPsnQ6IgJSSgoKCihavDilJZ4Aajf8HVf/fAnLCCNNAyktECaqIsgbV8So0WMHrn2RGLBMHREOYBg6eiiIFgzQ7/US8vmYoEDuENa/u6oqcwJRPysoKOC+N9+kcNGiJGvkAQuADY+twn3tCuFg/4CVDbB0VKHhzHbhdGVhs6kgDKTuR9f86KEAWtBHd0c73p52pB5Av5KewJxnnmHeoUOEw+EkjHEEYi8MEHlFKyws5IfHjlG4cGHSxJOA1cATPy7nT388j+73YoYDCEuP1DhSRrKOlFhmmLAWQNMCBHw9tHtu8K2nBcsI8uGxf8HoiRBINNTtjz7KQ/X1xL6iRDHGvubZAfr7+1Nuz+TJk6G+nv/atInmX/86rq8AWAlUrahk/Fio/8XHjM4fi93pHCgRFCzLQtd1tFAQLeCjs9NNb4cHxdL44J8PozfD7XyXRqNy97p1PPz220gp0XU9zriKogw+SaqqGtmB48ePU15enkRASklRURH31tcz6cEHk1JrAfAUcEcPLLjvMU69/694uzsI+X3093TS5blBl8eNt72VHk8Tfd9eR+vv4MQ/HkZpiJwttgTL3/Hoo2nBNzY2smjRIhYsWEBBQQEulyvyLuT3+2VTUxM7d+7k5MmTKXNuS0sL555+mtYvv0zqE0A7kavhqFL4oAlCCWOygGIiqTiHyMnuTBgz/bHHKDt9GillnN8D+P1+ysrKWLJkCdOmTWPWrFmUlpZGCAghpN/vp7m5mZqaGl5//XUKCwtJFLfbzX+sX8+Nr75K6rtZiXr49KVLKf/4Y4QQ6LqeBP6RRx6hvLycadOmMXPmTEpKSsjNzf3uZS6WRHV1NadOnUpaTEpJa2sr5zZupOkmSaQqk2csWcLyTz4BQNO0uL7GxkbWr1+fErzNZlMGw1lVVSUvL4+SkhL27dvH8uXL8Xg8ceABiouLue+ttyieN2+IK2Z6TRx/5+LFacE3NDRQWVmZFjwknAOxJF566SW2bNnChQsXkmKipKSEB959l9vmzcvo1pZOpz/8ME98+mla8Bs2bGDZsmVpwUOa5/VEd0oXE319fXxWXs43Z88m9Q0n03/0I1YPJIRE8OfOnWPHjh2UlZUNCT4tgUQSO3fupKqqigceeGCwP/a7VM8emUg0VcbK+fPn2bp1KytWrBgW/JAEEknU1NTw7LPPMn/+/GFBZQI8lZw/f57nnnuO5cuXM2XKlGHBD0sgkURdXR2PP/44FRUVNwV+qP7Tp09z8ODBjNxmRAQSSRw4cIBly5axdOnSvwh4RVH44osv2L9/P2VlZRlbfkQEEkls376djo4OQqHE83bk4nK5EEKwZs0aSktLRwR+RATgOxItLS1cu3aNvr6+wTfK/4tEfzeeMmUKkydPzhg8jJAAREgEg0H6+vrQNC2pFL8ZUVWVrKws8vPzycnJQVXVjH/s/F/lgJiyQFHragAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.important {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAALa0lEQVRogdWZa2wc1RXHfzM7O/teP9e1vXHSmEdjx3YeDkkaF6REKRRCEDSEFNkRjdSWSsgC2iqoRWqLQKiqIBg1NOQDiMeHtkQIQkRRS9S4aWwgCQoUgl232KkT28J21l6vd3d2dx79sDuTXdtre03Uqlc62tl53Pv/n3PuOffcKxiGwf9zE//XAL5sk65WR0a6AaDrOjMtKwgCoigiCAKCIAhXa9wvTcAEHhoc5KMjR7jw3nucf+MN67k/GCS4YQOr77yTpl27kGUZm81mXC0ywlLnQDbwEwcO0P2b3yz4jV5RwZq2Nm5/5BH8fj+SJGGz2b4UiSURMAzD0DSNEwcO8MdHHln8d0AcsAUCfOe551h7yy04HA7sdvuSrVEwAV3XjdDgIC/v2cOl06dznqWAJCAAMvn9MwlEgF1PP8037rsPt9uN3W5fkjUKIqDrujF+4QLP3XQTU0NDOc8UIAa4y8sJtrQQqK/H7XQSfv99Pn/nHQRRxNB16/0EEAUatm9n76uv4vP5cDgcBZNYNIF84I0MEK20lIZvf5sNe/dSWlqK1+vFxBEZHubT3/+evqNHmR4dJRWP55BevW0bra+8gt/vx+l0IknSokksikA+8ElgClixYwc3799PZWUlTqczbz+x0VFOPvEEQ6dPE/niCwxdt0jUbd1K68svU1xcXBCJBQnMBz5eWkrL/v2s++Y3KSsrQxQXlxc7f/5zBjo7CQ8NoadSKKQn943t7dyyf79FYjHuNC8BwzAMVVV56Z57+OzNN3PAJ8vK+FZHB2s2b55X6/nahRMnOP7TnxLOKEXJyO2/+hVf37uXoqIinE6nmfzyksirMjNUvvGjH+WAVwG1vJxbDhxg1bp1uFwuMwQWJCu3bWPN3r24SkoAcGbA/OXXv2bws8+IRqOkUqlZGX1RBAzDMHRd51+nTvHewYNX7gPTQMO+faxav56SkpIlgTdlU3s7TXv2IGUs6AGioRDH2tuZmJggFouhqirGPCzyEUBVVX7X1pZzPwI0fP/7bNmzh7KysrzADh8+zP3338++ffs4ePBg3vdEUWTDD3/IsuZmRLsdW4bEpd5eOp99lnA4jKIoaJqWl8QsAqb2Txw4kDNp40BxXR0bWlspLy/PC+qZZ55hdHQUSZIYHByko6ODxx57bBZwcy3kq6xk6y9/ib+qCgQBmbQ7nT50iIs9PUSjUZLJJIZhzEliLgKMDQzwp5/9zLqnkQ51W3/xCwKBAE6nMy+B3t5exsfH6ezspLe3l3g8zuHDh2cBz5bKpibWtrXhLi0FwA3owNsPP8zExATxeBxVVecyQC4Bc+L+taNjluvU33031dddN6/2BUGgpKSE/v5+JicncweaA3i2tDz8MIHrr0eU0gsQBzDW10ffyZNEIhESicScrpRDQNd1xgYG+OC3v7XuJQBXIMDWn/yEioqKeUGMjY0hCAKKoszS1MjIyLzfAmx/4gmKli0DQcBJOmicfOopJicnicfjJoG5LWBq/+Szz+a8oABNe/bgdrvndR1BEKiqqiIejxOLxWYRCAaDC0alqjVrqGxowFNWhkDalUKff07f3/5mWSFTLFksLAK6rjN+4UKO9lXAUV7O2tbWeaNOthZlWZ4FHlh0aN3y4IPIHk+6L8AGvNfRQTgctuZCthVEU/u6rnPutddyBk0A9bt3W4us+QY2fbyurg6v15vTzw033LBoAsHmZoLNzdgcDgBcQKi/n391dTE9PU0ymcyxgkmAVCrF+4cO5WjfFgiwfoGwOTOylJWVUVtba1mkUAKCILClvR1veTkA9owVPnzllZy8YFnA1H5/dzfTw8PWgziwcutWfD4fsiwvCNyUxsZG3G43lZWVVl933XVXQQSq161j+ebNlhXcwBdnzxIOh60lhmkFEUDTNP7++uvWgBrp6mrNHBk3H/BsAtFoFEdm8GAwyMaNGwsiIAgCjbt346uosKwgAp8cPWolNj1THInmsqHn6FGLQApY1thIxcqV+Hy+WX6+0ETesWMHLpcLWZZ54IEHCgYvCAKrbrsNyem0JrQEXMzkhKzlBaKu61z+97+ZHhnJmbwrtm2zJu5CWp8pra2tNDU1sXPnTtrb25dEQBAEvrplC57MXJCB8XPniEQixONxa6Uq6brOQHd3jvvoQP2ttxZUpMxsL7zwwpK+AyxLXrt9Oxe6uxFEEXvGZc4fO0bVD35AMplM1wuapjGYtbugAp5AgKLqaquu/W/JTEs37dqFqihWzSADk8PD1jzQNC3tQtmrThUINDbm+H4h0tfXx6OPPsodd9xBW1sbPT09BQPPluu2b7fWRxIQ6usjFotZBCRN06wZbbZAfT1FRUWWKQtpzz//PMPDw/T09DA1NcXo6CjHjx+f11Xma95AwHJjEdB0HUVRrhCYuRGrAiXBoFUqFtq6u7sZHx9nJBMUurq65uxnsX0Hm5v56A9/ANIJLXrpEolEwgqlUqZQyPlo6OOPlzx5ly1bxnBWQmxpackBW6hSBEC02axrpqasNZGmaek8kN0kYPDjj1FVdUlz4Mknn6Surs4Cb5aUhYZiUy59+GGOgm3V1WiadiUPCILAV9autV5wAaM9PXQeOWJprBBpaGjgxIkTpFIpOjs7aWxsXBJwUwZOnUKZmgLS2zl4vUjSlV1XURRFqtavv3IDKAVe/O53efPxx69aSCxUBs+c4dV77+Vyfz+xy5eBdG3iX7ECm81m9S2JokiwuZmiujrCPT1AuqgOAqcef5zzL77Imt27uemhhyipqVnYZ5cw8bPbR0eOcOall7g8MEB4aIhEJAJk9qOAwKZNyLJsHpQgRKNRIxQK0XPmDH/+3vdQQ6G8na/YtIk199zDypYWVmzceFWAT1y8yMWzZzn/9tv0vfsudqeTlKIQHRvL2QSOAqU7d/K1W2/l2muvpba2Nl3iJhIJIxKJMDw8TO/Zs3zw4x+jTUzkHVCw2fCUleHw+QiuXYu/upqqhgb8VVUYhkFNczPFweCs7z556y3r+vyxYwiiyD+PHwdBwNB1krEYhqYRC4UwdB2D9LJmmnRtXHz77VTfeCPLly+ntraWmpqa9MaaqqqGoiiEQiGGhoYYHBzk00OHiHR2LkqDNlnG7nJhd7nQswqN+ZogiuipFMlYDDWRgBl5KEF6woqAUFFByc03U756NZWVlSxfvpyamhoCgQAejwdB13VDVVVisRihUIiRkRGGh4cZ+sc/GO3qIt7VhZGJAle7mVpWuVKDCBng8jXX4N68Gc8111BUVER5eTnV1dVUV1cTCASuFFqGYaDrupFKpYjH40xMTDA+Ps7Y2Bjj4+OEw2EmenqYPneO1OAgZCWpxTY9S9QMcLhyHGUDRI8HqbISZ309zoYGnE4nHo8Hv99PaWkpgUCAiooK6/DE4XCkI1HW2a6hqiqKojA9Pc3k5KQl4XCY6elpotFoetukv59UKIR66RLToRBJTcMYHUWIRvMSMPO6rbY2/SsIOFatQpYk5NWrkSQJWZZxOBy43W68Xi9+v5+ioiJKSkooLi7G5/PhdruRZdnads85HzD3hpLJJIqiEIvFiEajRCIRIpEI0WiUWCxGPB631iOKopBKpazUbi4Oc7Y+snKCzWbDZrMhSRKSJGG3262w6HK5cLlceDwevF4vPp8Pr9eL2+3G5XLhcDjMkxuETNibdcBhnv9qmkYqlSKZTJJIJFAUhXg8jqIoKIpCIpGwSCSTSVRVtWSuk3qTiAnebrfngHc4HDidTpxOJy6Xy7qWZdk6wZzrxCbvCY1JRNd1NE3LAWgSM69ngp+PgCiK1gF3NhFTzHvmO+Y3wCzw8xLIJpL5tYCZpEyw2f/nWt1ag2UtM0x3Mq1iAp1j+bH0M7KFCGWDnfmbd8AMnuxfUzL/C0rp/wFnFd4nEQn3XQAAAABJRU5ErkJggg==") no-repeat center center;
-}
-.icon.caution {
-  background: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKdUlEQVRoge1Ze1AV1x3+zt279wEiDWCYGzRVktqa1MEmmtbWR22ncXxUrTDWV/5IqG2wUAUfmUwSkk6V+EAJCEQC6figwZBqZtRxqukftebRZBpFG1S0hiRErwiaKK977+6eX//YPXt37+UiIJlMZnpmdnb33PP4vt97z2VEhG9yc3zdAO60/Z/A192+8QScX8Wifr+fWltbzffU1FT4fD72Vew15ASampqovr4eBw8eNPvGjRuHzMxMmj9//tCTIKIhu958801yuVwEoNdr48aNNJT7EdHQEdi/fz/JshwTvLiKioqGlMSQLFJfX0+MMRvQsWNSqXLzH2jez78fRWLTpk1DRuKOF6irqyOn02kDOP8XGdTz+VFSP91Hatu79NRvZ0SR2LJly5CQuKPJtbW1JEmSDdivHp1AwctHSblYSsqFElLOF5PavIvWZU+LIrF169Y7JjHoibt3744CnzXrIQpeOUbKhVJSmkpIPV9MyrnNpJwtIuVSNa15/MdRJLZt23ZHJBjRwIu5N954gxYvXgzOudm3aO5E1L5SBNZ1HoxrINLAyH6HJxVP/WkXtu9+37ZeSUkJVq9ePagQO+BMXFNTEwV+ybxHsPeVIjg6zwOkgSWNhuOuUUBCKhxJY0AggDSgpwWbn1mO1csftq1ZUFCA0tLSQZXFA0pkVVVVlJOTA6vWsmY9hF07N0AS4OU48LgRWLO+FPFxboxMS8G5hlPYmPMI4jwM1P0Jtj67DJyrKHvtNADdjPPz8+FwOCgvL29gmuivrVVUVESFyqxZD1PoyjFSL+7QHbapmJTml+n9EzVRtl676ZekNKwl5VQ+KSfzKHR2E+UutodYxhiVl5cPyCf6ZUJlZWWUm5trk/wTi6bgtVdf1M2Gq2DEwUgDNBWhUDBqjfSRwwGoIOEP3c3Y/uxirFw0zibMvLw8VFZW9tucbkugoqKCVq1aZQO/YslUVJU+D9bVBIDroLgK4hygEDweybYGY8AD6d8yftfASL+j+2O89NwiPJk51kYiNzcXO3fu7BeJPgkUFxdTbm6ure/JZdNRub0QrOMcGFcBrgLgAHEAGqD2ID7OZZszJi0RcR6HAV4DkaqPJxXouoSywkz8buF9NhIrV65EVVXVbUnEJHDixAlat26drS9n+U+xo/hZMMNhyZA+uAbAIKOGMCJlmG3eA/clAYaJEamGBlRdC6QBXZewo3AhVswfbSORk5ODDz/8sE8SvRLw+/1UXV0dBb5MgOe6LUNIEqpOwgCUlOCESw4HuAfG3KX7B2kAGaTJ0Jro77yI8ucX4DfzRtlIHD58GH6/PyaJXgk0NjZi79695vuUiffrkr91Vt8cHAwc4FZJGiZEKqDcwsi0ZHP+d749POy8MS7iGtBxARWF8/CDsQnm3BdeeAHWj6N+EYhspSVbgI5zYYkZGmAwzIEbwA0tUM9NfO+7aeb89HuGRQBWLcSNZxj3zvOYMzk5NpjBEHi99mXD5lXdjqGDJh42h7CEOXhnK3448X5z/shUb1jSpIEM8yFuzOUcjAsNcnR0KXdG4MEHH8TEiRPN9z0H3sfRE41m+GNcs9i0LjkGTTcrUoGem5g7/V5z/ohElw4O+jxGYQ3qJqmBjN/+cbINtcfCJvPYY4+hr3qtVwI+n49lZmaa71fbbuH3hX/FycbPQKSCoIIMQEQcehjVo5Gw8/F33cSvH03H2HuHY1icQzcvYWKGIMiITMwQwjtnruPpqk9w/ZZq7p2RkYEJEyaAYrCIWY36/X7KyMhAW1ub2XfP3Qmo3ZKFaQ+P0gmYIdSoOkU4lWSwxGRAdqHL/xm86k27w0blAw3/PncD6yo/xrsfdZj7paSkoLGxESNGjAgDZsxWK8X0AZ/Px44fP460tLAzXrnWgUX5r+PYuxf1mG/Gf80sofWy2YuWbg/+uONtPLHhPRw+0WIHL8hbwG95rcUGPiEhAYcOHUJSUhI456YZRWqiz+8BIqLm5mZMmjQJN27cMPsTE9zYtWE25k4bYzh3mABIBRwOHPgPx+LH/6yDiXPi6pHZcEpk+I5qmtGpCzdQecCPPUevmevLsowjR45gypQpcDgc5mVowKaJmBoQTEePHo2GhgaMGxcuum52BLHsqUOoP3oWgLB9Sz7QgpgxJoThw/SSIutnaXBKZEpcgD998Uvs+3ubDbzT6URNTQ0mTZoEVVWhaRo459A0TeCy4etVA+JH8RvnHK2trZgzZw5Onz5tjnPJDrxSOAPLZt1nSVIqwDmIVJw6dx1nLt3A3J/cjZThkhE29cvf3o2KA59ja91lcz3GGDZv3oylS5fC7XbD6XTC6XRCkiRIktS7Jm5HQLDXNA3Xr19HVlYWPvjgA4vEGLav+RHmTxsJX4rb8AsO4kbOIG6GzTD4HvzlmB/PVH9q2zc/Px/Z2dnwer1wu92QZRkulwuSJEGWZZMEY8wkEGVCVvCCAOcciqIgPj4e+/btw9SpU83xqkpYteU9HHm7Bf62rnC2RjikisTFSMPV9m4ceucannvVDn7p0qVYuHAhgsEggsEgQqFQlAlZnVm0PjOxIKFpGogIqqrC5XKhuroa06dPt4wDcl78F+qPNeNKe6cRoTjsZYOKK+3dON7wBQrKm2H5pMbMmTOxZMkSBAIB9PT0oKenB4FAAIqiQFEUU4hRRyq3I2AlIZ4553A6nSgvL8fs2bNtY9eVNaDub58YmhDZWpe+v70bJ5tu4clt/4WihqU4efJkrFixAkRkAg4Gg1AUBaqqmuDF/pGtX7WQNXeIZ0mSUFRUhAULFtjGPl3ZiJdev4QrbZ16zUQqrrZ342JLN5ZvaEJ3ICz68ePHIycnB5qmmZIW4EOhUJTZWEKo+Rx1KsEYY9Zk4XA4IEmSKXnOuRkVJElCYWEhvF4v6urqzDVK9n2Mzu4Qnl5+L9q/7MHltgBWbr9kA5+eno7c3FzIsoyI5GrTeCzgosU8VmGMmSGLiEwSsixH2WNBQQEA2EhUH/wc7330BaaOH479/2zHtS/CFabP58OaNWvg9Xp1EE4nZFmGLMtwu93wer1wuVy2ECpJko2IiTNWJrZGI+HEwi6FisUVCAQQCASwZ88eVFZW9lk9JicnY/369fD5fPB4PCbo+Ph4k4TH44HL5YLX64XX6zXH9EKE9aUBRkTEGLNJP1Kd4nI4HMjOzkZ8fDyKi4ttJ3eiJSYmYu3atRg1apQJzuv1wuPxwOPxwOFwmEBFHnA6nXC5XGYSiywlbns2SnoDANN0hMNZnS0UCpkaOnPmDN566y20tLSY2ktLS8OMGTOQkpICt9uNuLg4M2EJ8CJZSZJkZmFBwkrAWpH2+3BXEBEkRIhTVdVMOCL5qKqKy5cvQ1EUaJoGVVWRnKx/Jlpt3eVy2QCKu9C68AFr9o0spwd0Oh1ZYggCIlNaiQktiXdhZgKQABcp3ci7LMtM7B0JfsAErJoAYItG1mdr+hfvVlACtHDIXkploYXbHvQOikDEe6/ZmjFmAhf9ZvJxOk2Qol88W4kYz32SGNQfHLG+TyMTkAVEr88xQfVnkBg7GAKixSIykDYQsL21/wFkW/B5QqT9lwAAAABJRU5ErkJggg==") no-repeat center center;
-}
-</style>
-
-<style type="text/css">
-.deck-container .deck-toc {
-  position: absolute;
-  z-index: 40;
-  top: 0px;
-  bottom: 0px;
-  left: 0;
-  right: 55%;
-  padding: 0.625em;
-  display: none;
-  background: #ccc;
-  overflow-y: auto;
-  overflow-x: auto;
-  background-color: #DDE4EB;
-  border-right: #A9A9A9 solid 1px;
-  width: 500px; }
-  .deck-container .deck-toc ul {
-    list-style: none;
-    margin: 0px;
-    padding: 0px;
-    font-size: 1em; }
-    .deck-container .deck-toc ul li {
-      white-space: nowrap;
-      padding-left: 0.8em;
-      font-weight: normal; }
-      .deck-container .deck-toc ul li#toc-0 {
-        font-weight: bold;
-        padding-bottom: 1em;
-        padding-left: 0px; }
-  .deck-container .deck-toc a {
-    width: 100%;
-    display: block !important;
-    text-decoration: none;
-    color: #595959 !important; }
-
-.deck-toc-frame .deck-toc {
-  display: block; }
-
-@media print {
-  .deck-toc {
-    display: none; } }
-
-
-.deck-container .deck-toc li a span{color: #888;display:none;}
-</style>
-
-<style type="text/css">
-.hidden{ display:none; }
-#help-text{
-    border: 1px solid #CCDDEE;
-    box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
-    border-radius: 10px 10px 10px 10px;
-    background-color:#FFFFFF;
-    position:absolute;
-    z-index:4;
- }
-
-#help-text dl {  padding: 0.5em;width:600px; }
-#help-text dt:after {  content: ":";}
-#help-text dt {  float: left; clear: left; width: 160px; text-align: right; font-weight: bold; color: green; }
-#help-text dd {  margin: 0 0 0 180px; padding: 0 0 0.5em 0; }
-
-
-@media print {
-  #help-text {
-    display: none; } }
-</style>
-<style type="text/css">
-#breadcrumb{
-    position:absolute;
-    top: 0px;
-    padding-top:5px;
-    z-index:4;
-    color:#BBB;
-    font-size:16px;
- }
-#breadcrumb h2 a{ text-decoration:none; color: #999;}
-
-</style>
-<style type="text/css">
-section.large-black-slide,
-section.black-slide {
-  background-color: #222;
-}
-section.large-black-slide h2.section-slide {
-  font-size: 11.518865600000003em !important;
-  text-align: center !important;
-  color: white !important;
-  width: 90%;
-  margin-bottom: 0px;
-  line-height: 1.1em;
-}
-section.black-slide h2 {
-  font-size: 4.4em !important;
-  text-align: center !important;
-  color: white !important;
-  width: 90%;
-  position: absolute;
-  top: 20%;
-}
-section.large-black-slide a.deck-prev-link,
-section.large-black-slide a.deck-next-link {
-  display: none !important;
-}
-section.black-slide a.deck-prev-link,
-section.black-slide a.deck-next-link {
-  display: none !important;
-}
-section.typewriter-slide {
-  background-color: #FCEAB1;
-}
-section.typewriter-slide h2.section-slide {
-  font-size: 4.4em !important;
-  font-family: "American Typewriter", monospace !important;
-  text-align: center !important;
-  color: #111 !important;
-  position: absolute;
-  top: 25% !important;
-}
-section.typewriter-slide a.deck-prev-link,
-section.typewriter-slide a.deck-next-link {
-  display: none !important;
-}
-</style>
-
-
-<style type="text/css">
-/*
-  pygmentize filter
-*/
-
-table.highlighttable{ width:100%;}
-td.linenos { width: 80px;}
-.highlight .hll { background-color: #ffffcc }
-.highlight .c { color: #808080 } /* Comment */
-/* .highlight .err { color: #F00000; background-color: #F0A0A0 } */  /* removing the Error class */
-.highlight .k { color: #008000; font-weight: 600; } /* Keyword */
-.highlight .o { color: #303030 } /* Operator */
-.highlight .cm { color: #808080 } /* Comment.Multiline */
-.highlight .cp { color: #507090 } /* Comment.Preproc */
-.highlight .c1 { color: #808080 } /* Comment.Single */
-.highlight .cs { color: #cc0000; font-weight: bold } /* Comment.Special */
-.highlight .gd { color: #A00000 } /* Generic.Deleted */
-.highlight .ge { font-style: italic } /* Generic.Emph */
-.highlight .gr { color: #FF0000 } /* Generic.Error */
-.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
-.highlight .gi { color: #00A000 } /* Generic.Inserted */
-.highlight .go { color: #808080 } /* Generic.Output */
-.highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */
-.highlight .gs { font-weight: bold } /* Generic.Strong */
-.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
-.highlight .gt { color: #0040D0 } /* Generic.Traceback */
-.highlight .kc { color: #008000; font-weight: bold } /* Keyword.Constant */
-.highlight .kd { color: #008000; font-weight: bold } /* Keyword.Declaration */
-.highlight .kn { color: #008000; font-weight: bold } /* Keyword.Namespace */
-.highlight .kp { color: #003080; font-weight: bold } /* Keyword.Pseudo */
-.highlight .kr { color: #008000; font-weight: bold } /* Keyword.Reserved */
-.highlight .kt { color: #303090; font-weight: bold } /* Keyword.Type */
-.highlight .m { color: #6000E0; font-weight: bold } /* Literal.Number */
-.highlight .s { background-color: #fff0f0 } /* Literal.String */
-.highlight .na { color: #0000C0 } /* Name.Attribute */
-.highlight .nb { color: #007020 } /* Name.Builtin */
-.highlight .nc { color: #B00060; font-weight: bold } /* Name.Class */
-.highlight .no { color: #003060; font-weight: bold } /* Name.Constant */
-.highlight .nd { color: #505050; font-weight: bold } /* Name.Decorator */
-.highlight .ni { color: #800000; font-weight: bold } /* Name.Entity */
-.highlight .ne { color: #F00000; font-weight: bold } /* Name.Exception */
-.highlight .nf { color: #0060B0; font-weight: bold } /* Name.Function */
-.highlight .nl { color: #907000; font-weight: bold } /* Name.Label */
-.highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */
-.highlight .nt { color: #007000 } /* Name.Tag */
-.highlight .nv { color: #906030 } /* Name.Variable */
-.highlight .ow { color: #000000; font-weight: bold } /* Operator.Word */
-.highlight .w { color: #bbbbbb } /* Text.Whitespace */
-.highlight .mf { color: #6000E0; font-weight: bold } /* Literal.Number.Float */
-.highlight .mh { color: #005080; font-weight: bold } /* Literal.Number.Hex */
-.highlight .mi { color: #0000D0; font-weight: bold } /* Literal.Number.Integer */
-.highlight .mo { color: #4000E0; font-weight: bold } /* Literal.Number.Oct */
-.highlight .sb { background-color: #fff0f0 } /* Literal.String.Backtick */
-.highlight .sc { color: #0040D0 } /* Literal.String.Char */
-.highlight .sd { color: #D04020 } /* Literal.String.Doc */
-.highlight .s2 { background-color: #fff0f0 } /* Literal.String.Double */
-.highlight .se { color: #606060; font-weight: bold; background-color: #fff0f0 } /* Literal.String.Escape */
-.highlight .sh { background-color: #fff0f0 } /* Literal.String.Heredoc */
-.highlight .si { background-color: #e0e0e0 } /* Literal.String.Interpol */
-.highlight .sx { color: #D02000; background-color: #fff0f0 } /* Literal.String.Other */
-.highlight .sr { color: #000000; background-color: #fff0ff } /* Literal.String.Regex */
-.highlight .s1 { background-color: #fff0f0 } /* Literal.String.Single */
-.highlight .ss { color: #A06000 } /* Literal.String.Symbol */
-.highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */
-.highlight .vc { color: #306090 } /* Name.Variable.Class */
-.highlight .vg { color: #d07000; font-weight: bold } /* Name.Variable.Global */
-.highlight .vi { color: #3030B0 } /* Name.Variable.Instance */
-.highlight .il { color: #0000D0; font-weight: bold } /* Literal.Number.Integer.Long */
-</style>
-
-
-<!-- Theme CSS files -->
-<style type="text/css">
-@charset "UTF-8";
-section.slide {
-  margin-left: 0;
-  padding-left: 2.719406674907293em !important;
-}
-p.note {
-  text-align: right;
-  font-style: italic;
-}
-div.title {
-  text-align: center;
-  font-style: italic;
-  font-size: 0.6420052911747088em;
-}
-.preamble p {
-  text-align: right;
-  font-size: 0.6420052911747088em;
-  color: #888;
-}
-h2.section-slide {
-  font-size: 4.4em;
-  font-weight: bold;
-  text-align: left;
-  padding-top: 0.13226314198078057em;
-  margin-bottom: 0.19839471297117084em;
-}
-span.big {
-  font-size: 2.719406674907293em;
-  color: #0B7495;
-}
-.deck-container .slide ol li p {
-  font-size: 1.038764561120679em;
-}
-.deck-container {
-  font-family: 'PT Sans';
-  font-size: 1.6807210598932587em;
-  /* background-image: url(''); */
-  background-size: 5%;
-  background-repeat: no-repeat;
-  background-attachment: fixed;
-  background-position: top right;
-}
-.deck-container > .slide {
-  text-shadow: 1px 1px 1px rgba(255, 255, 255, 0.5);
-}
-.deck-container .slide h1,
-.deck-container .slide h2,
-.deck-container .slide h3,
-.deck-container .slide h4,
-.deck-container .slide h5,
-.deck-container .slide h6 {
-  font-family: 'PT Sans Narrow';
-}
-.deck-container .slide h1 {
-  color: #000000;
-}
-.deck-container .slide h2 {
-  color: #222222;
-  border-bottom: 0;
-}
-.cssreflections .deck-container .slide h1 {
-  line-height: 1;
-  -webkit-box-reflect: below -0.4em -webkit-gradient(linear, left top, left bottom, from(transparent), color-stop(0.4, transparent), color-stop(0.7, rgba(255, 255, 255, 0.05)), to(transparent));
-  -moz-box-reflect: below -0.4em -moz-linear-gradient(top, transparent 0%, transparent 30%, rgba(255, 255, 255, 0.3) 100%);
-}
-.deck-container .slide h3 {
-  color: #000;
-  font-size: 2.0168652718719104em;
-}
-.deck-container .slide h4 {
-  font-size: 1.8487931658825847em;
-  font-weight: bold;
-  margin-bottom: .25em;
-}
-.deck-container .slide p {
-  margin-bottom: 0.5em;
-  font-size: 1.6807210598932587em;
-}
-.deck-container .slide .sidebarblock {
-  font-size: 0.6420052911747088em;
-  color: #666;
-}
-.deck-container .slide pre {
-  border-color: #cde;
-  background: #fff;
-  position: relative;
-  z-index: auto;
-  /* http://nicolasgallagher.com/css-drop-shadows-without-images/ */
-
-}
-.deck-container .slide code,
-.deck-container .slide pre {
-  font-size: 1.038764561120679em !important;
-  line-height: 1.2465174733448148em;
-  font-family: Courier, 'Courier New', monospace;
-}
-.deck-container .slide dt {
-  font-size: 1.6807210598932587em;
-  color: #0B7495;
-}
-.borderradius .deck-container .slide pre {
-  -webkit-border-radius: 5px;
-  -moz-border-radius: 5px;
-  border-radius: 5px;
-  font-family: Courier, 'Courier New', monospace;
-}
-.csstransforms.boxshadow .deck-container .slide pre > :first-child:before {
-  content: "";
-  position: absolute;
-  z-index: -1;
-  background: #fff;
-  top: 0;
-  bottom: 0;
-  left: 0;
-  right: 0;
-}
-.csstransforms.boxshadow .deck-container .slide pre:before,
-.csstransforms.boxshadow .deck-container .slide pre:after {
-  content: "";
-  position: absolute;
-  z-index: -2;
-  bottom: 15px;
-  width: 50%;
-  height: 20%;
-  max-width: 300px;
-  -webkit-box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
-  -moz-box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
-  box-shadow: 0 15px 10px rgba(0, 0, 0, 0.7);
-}
-.csstransforms.boxshadow .deck-container .slide pre:before {
-  left: 10px;
-  -webkit-transform: rotate(-3deg);
-  -moz-transform: rotate(-3deg);
-  -ms-transform: rotate(-3deg);
-  -o-transform: rotate(-3deg);
-  transform: rotate(-3deg);
-}
-.csstransforms.boxshadow .deck-container .slide pre:after {
-  right: 10px;
-  -webkit-transform: rotate(3deg);
-  -moz-transform: rotate(3deg);
-  -ms-transform: rotate(3deg);
-  -o-transform: rotate(3deg);
-  transform: rotate(3deg);
-}
-.deck-container .slide code {
-  color: #789;
-}
-.deck-container .slide blockquote {
-  font-family: 'PT Sans';
-  font-size: 1.6807210598932587em;
-  padding: 1em 2em .5em 2em;
-  color: #000;
-  background: #fff;
-  position: relative;
-  border: 1px solid #cde;
-  z-index: auto;
-}
-.borderradius .deck-container .slide blockquote {
-  -webkit-border-radius: 5px;
-  -moz-border-radius: 5px;
-  border-radius: 5px;
-}
-.boxshadow .deck-container .slide blockquote > :first-child:before {
-  content: "";
-  position: absolute;
-  z-index: -1;
-  background: #fff;
-  top: 0;
-  bottom: 0;
-  left: 0;
-  right: 0;
-}
-.boxshadow .deck-container .slide blockquote:after {
-  content: "";
-  position: absolute;
-  z-index: -2;
-  top: 10px;
-  bottom: 10px;
-  left: 0;
-  right: 50%;
-  -moz-border-radius: 0.1px;
-  border-radius: 0.1px;
-  -webkit-box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
-  -moz-box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
-  box-shadow: 0 0 15px rgba(0, 0, 0, 0.6);
-}
-.deck-container .slide blockquote cite {
-  font-size: 0.3967894259423417em;
-  font-style: normal;
-  font-weight: bold;
-  color: #888;
-}
-.deck-container .slide blockquote:before {
-  content: "“";
-  position: absolute;
-  top: 0;
-  left: 0;
-  font-size: 4.4em;
-  line-height: 1;
-  color: #ccf0f0;
-  z-index: 1;
-}
-.deck-container .slide ::-moz-selection {
-  background: #08455f;
-  color: #fff;
-}
-.deck-container .slide ::selection {
-  background: #08455f;
-  color: #fff;
-}
-.deck-container .slide a,
-.deck-container .slide a:hover,
-.deck-container .slide a:focus,
-.deck-container .slide a:active,
-.deck-container .slide a:visited {
-  color: #599;
-  text-decoration: none;
-}
-.deck-container .slide a:hover,
-.deck-container .slide a:focus {
-  text-decoration: underline;
-}
-.deck-container .deck-prev-link,
-.deck-container .deck-next-link {
-  background: #fff;
-  opacity: 0.5;
-}
-.deck-container .deck-prev-link,
-.deck-container .deck-prev-link:hover,
-.deck-container .deck-prev-link:focus,
-.deck-container .deck-prev-link:active,
-.deck-container .deck-prev-link:visited,
-.deck-container .deck-next-link,
-.deck-container .deck-next-link:hover,
-.deck-container .deck-next-link:focus,
-.deck-container .deck-next-link:active,
-.deck-container .deck-next-link:visited {
-  color: #599;
-}
-.deck-container .deck-prev-link:hover,
-.deck-container .deck-prev-link:focus,
-.deck-container .deck-next-link:hover,
-.deck-container .deck-next-link:focus {
-  opacity: 1;
-  text-decoration: none;
-}
-.deck-container .deck-status {
-  font-size: 0.3967894259423417em;
-}
-.deck-container.deck-menu .slide {
-  background: transparent;
-  -webkit-border-radius: 5px;
-  -moz-border-radius: 5px;
-  border-radius: 5px;
-}
-.rgba .deck-container.deck-menu .slide {
-  background: rgba(0, 0, 0, 0.1);
-}
-.deck-container.deck-menu .slide.deck-current,
-.rgba .deck-container.deck-menu .slide.deck-current,
-.no-touch .deck-container.deck-menu .slide:hover {
-  background: #fff;
-}
-.deck-container .goto-form {
-  background: #fff;
-  border: 1px solid #cde;
-  -webkit-border-radius: 5px;
-  -moz-border-radius: 5px;
-  border-radius: 5px;
-}
-.boxshadow .deck-container .goto-form {
-  -webkit-box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
-  -moz-box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
-  box-shadow: 0 15px 10px -10px rgba(0, 0, 0, 0.5), 0 1px 4px rgba(0, 0, 0, 0.3), 0 0 40px rgba(0, 0, 0, 0.1) inset;
-}
-img[alt="1"],
-img[alt="2"],
-img[alt="3"],
-img[alt="4"],
-img[alt="5"],
-img[alt="6"],
-img[alt="7"],
-img[alt="8"],
-img[alt="9"] {
-  display: inline;
-  vertical-align: bottom;
-  font-size: 6px;
-  padding: 0 5px;
-}
-div.colist.arabic table tbody tr td:first-child {
-  /*may cause issues*/
-
-  width: 26px;
-}
-span.monospaced {
-  font-family: courier !important;
-  color: #434343 !important;
-  text-shadow: 1px 1px 2px #D3D0D0 !important;
-}
-h2:empty {
-  padding: 0;
-  margin: 0;
-  margin-top: 44px;
-}
-/*
- * html5 specific
- * copied from asciidoc.css, which is not included
- * */
-table.tableblock {
-  margin-top: 1.0em;
-  margin-bottom: 1.5em;
-}
-thead,
-p.tableblock.header {
-  font-weight: bold;
-  color: #527bbd;
-}
-p.tableblock {
-  margin-top: 0;
-}
-table.tableblock {
-  border-width: 3px;
-  border-spacing: 0px;
-  border-style: solid;
-  border-color: #527bbd;
-  border-collapse: collapse;
-}
-th.tableblock,
-td.tableblock {
-  border-width: 1px;
-  padding: 4px;
-  border-style: solid;
-  border-color: #527bbd;
-}
-table.tableblock.frame-topbot {
-  border-left-style: hidden;
-  border-right-style: hidden;
-}
-table.tableblock.frame-sides {
-  border-top-style: hidden;
-  border-bottom-style: hidden;
-}
-table.tableblock.frame-none {
-  border-style: hidden;
-}
-th.tableblock.halign-left,
-td.tableblock.halign-left {
-  text-align: left;
-}
-th.tableblock.halign-center,
-td.tableblock.halign-center {
-  text-align: center;
-}
-th.tableblock.halign-right,
-td.tableblock.halign-right {
-  text-align: right;
-}
-th.tableblock.valign-top,
-td.tableblock.valign-top {
-  vertical-align: top;
-}
-th.tableblock.valign-middle,
-td.tableblock.valign-middle {
-  vertical-align: middle;
-}
-th.tableblock.valign-bottom,
-td.tableblock.valign-bottom {
-  vertical-align: bottom;
-}
-/* Classes to support color and font declarations in asciidoc
-eg [red small]#this text#
-*/
-span.aqua {
-  color: aqua;
-}
-span.black {
-  color: black;
-}
-span.blue {
-  color: blue;
-}
-span.fuchsia {
-  color: fuchsia;
-}
-span.gray {
-  color: gray;
-}
-span.green {
-  color: green;
-}
-span.lime {
-  color: lime;
-}
-span.maroon {
-  color: maroon;
-}
-span.navy {
-  color: navy;
-}
-span.olive {
-  color: olive;
-}
-span.purple {
-  color: purple;
-}
-span.red {
-  color: red;
-}
-span.silver {
-  color: silver;
-}
-span.teal {
-  color: teal;
-}
-span.white {
-  color: white;
-}
-span.yellow {
-  color: yellow;
-}
-span.aqua-background {
-  background: aqua;
-}
-span.black-background {
-  background: black;
-}
-span.blue-background {
-  background: blue;
-}
-span.fuchsia-background {
-  background: fuchsia;
-}
-span.gray-background {
-  background: gray;
-}
-span.green-background {
-  background: green;
-}
-span.lime-background {
-  background: lime;
-}
-span.maroon-background {
-  background: maroon;
-}
-span.navy-background {
-  background: navy;
-}
-span.olive-background {
-  background: olive;
-}
-span.purple-background {
-  background: purple;
-}
-span.red-background {
-  background: red;
-}
-span.silver-background {
-  background: silver;
-}
-span.teal-background {
-  background: teal;
-}
-span.white-background {
-  background: white;
-}
-span.yellow-background {
-  background: yellow;
-}
-span.big {
-  font-size: 2.719406674907293em;
-}
-span.small {
-  font-size: 0.6420052911747088em;
-}
-span.tiny {
-  font-size: 0.3967894259423417em;
-}
-span.underline {
-  text-decoration: underline;
-}
-span.overline {
-  text-decoration: overline;
-}
-span.line-through {
-  text-decoration: line-through;
-}
-div.form {
-  font-size: 1.6807210598932587em;
-}
-.form input[type="text"] {
-  width: 400px;
-}
-/* bootstrap forms css */
-.btn {
-  display: inline-block;
-  *display: inline;
-  padding: 4px 12px;
-  margin-bottom: 0;
-  *margin-left: .3em;
-  font-size: 14px;
-  line-height: 20px;
-  color: #333333;
-  text-align: center;
-  text-shadow: 0 1px 1px rgba(255, 255, 255, 0.75);
-  vertical-align: middle;
-  cursor: pointer;
-  background-color: #f5f5f5;
-  *background-color: #e6e6e6;
-  background-image: -moz-linear-gradient(top, #ffffff, #e6e6e6);
-  background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#ffffff), to(#e6e6e6));
-  background-image: -webkit-linear-gradient(top, #ffffff, #e6e6e6);
-  background-image: -o-linear-gradient(top, #ffffff, #e6e6e6);
-  background-image: linear-gradient(to bottom, #ffffff, #e6e6e6);
-  background-repeat: repeat-x;
-  border: 1px solid #bbbbbb;
-  *border: 0;
-  border-color: #e6e6e6 #e6e6e6 #bfbfbf;
-  border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
-  border-bottom-color: #a2a2a2;
-  -webkit-border-radius: 4px;
-  -moz-border-radius: 4px;
-  border-radius: 4px;
-  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe6e6e6', GradientType=0);
-  filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
-  *zoom: 1;
-  -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
-  -moz-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
-  box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
-}
-.btn:hover,
-.btn:active,
-.btn.active,
-.btn.disabled,
-.btn[disabled] {
-  color: #333333;
-  background-color: #e6e6e6;
-  *background-color: #d9d9d9;
-}
-.btn:active,
-.btn.active {
-  background-color: #cccccc \9;
-}
-.btn:first-child {
-  *margin-left: 0;
-}
-.btn:hover {
-  color: #333333;
-  text-decoration: none;
-  background-position: 0 -15px;
-  -webkit-transition: background-position 0.1s linear;
-  -moz-transition: background-position 0.1s linear;
-  -o-transition: background-position 0.1s linear;
-  transition: background-position 0.1s linear;
-}
-.btn:focus {
-  outline: thin dotted #333;
-  outline: 5px auto -webkit-focus-ring-color;
-  outline-offset: -2px;
-}
-.btn.active,
-.btn:active {
-  background-image: none;
-  outline: 0;
-  -webkit-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
-  -moz-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
-  box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
-}
-select,
-textarea,
-input[type="text"],
-input[type="password"],
-input[type="datetime"],
-input[type="datetime-local"],
-input[type="date"],
-input[type="month"],
-input[type="time"],
-input[type="week"],
-input[type="number"],
-input[type="email"],
-input[type="url"],
-input[type="search"],
-input[type="tel"],
-input[type="color"],
-.uneditable-input {
-  display: inline-block;
-  height: 20px;
-  padding: 4px 6px;
-  margin-bottom: 10px;
-  font-size: 14px;
-  line-height: 20px;
-  color: #555555;
-  vertical-align: middle;
-  -webkit-border-radius: 4px;
-  -moz-border-radius: 4px;
-  border-radius: 4px;
-}
-textarea {
-  height: auto;
-}
-textarea,
-input[type="text"],
-input[type="password"],
-input[type="datetime"],
-input[type="datetime-local"],
-input[type="date"],
-input[type="month"],
-input[type="time"],
-input[type="week"],
-input[type="number"],
-input[type="email"],
-input[type="url"],
-input[type="search"],
-input[type="tel"],
-input[type="color"],
-.uneditable-input {
-  background-color: #ffffff;
-  border: 1px solid #cccccc;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
-  -moz-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
-  box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
-  -webkit-transition: border linear 0.2s, box-shadow linear 0.2s;
-  -moz-transition: border linear 0.2s, box-shadow linear 0.2s;
-  -o-transition: border linear 0.2s, box-shadow linear 0.2s;
-  transition: border linear 0.2s, box-shadow linear 0.2s;
-}
-textarea:focus,
-input[type="text"]:focus,
-input[type="password"]:focus,
-input[type="datetime"]:focus,
-input[type="datetime-local"]:focus,
-input[type="date"]:focus,
-input[type="month"]:focus,
-input[type="time"]:focus,
-input[type="week"]:focus,
-input[type="number"]:focus,
-input[type="email"]:focus,
-input[type="url"]:focus,
-input[type="search"]:focus,
-input[type="tel"]:focus,
-input[type="color"]:focus,
-.uneditable-input:focus {
-  border-color: rgba(82, 168, 236, 0.8);
-  outline: 0;
-  outline: thin dotted \9;
-  /* IE6-9 */
-
-  -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
-  -moz-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 8px rgba(82, 168, 236, 0.6);
-}
-/* start of sasa's changes */
-h3 {
-  float: none;
-}
-.listingblock div.title {
-  text-align: left;
-}
-div.sidebarblock > div.content {
-  background: #FFE;
-  border: 1px solid #DDD;
-  border-left: 4px solid #F0F0F0;
-  margin-top: 1.0em;
-  margin-bottom: 1.0em;
-  padding: 0.5em;
-  border-radius: 5px;
-}
-div.sidebarblock > div.content > div.title {
-  color: #527BBD;
-  font-weight: bold;
-  text-align: left;
-  margin-bottom: 0.5em;
-  font-size: 1.54em;
-}
-.slide pre {
-  line-height: 1.1em;
-  padding: 0.5em;
-}
-td.icon {
-  width: 48px;
-  padding: 0;
-}
-.deck-container .slide p {
-  font-size: 1.54em;
-}
-.admonitionblock table {
-  margin: 10px 0px;
-}
-</style>
-
-
-<script type="text/javascript">
-/*<![CDATA[*/
-/* Modernizr 2.0.6 (Custom Build) | MIT & BSD
- * Contains: fontface | backgroundsize | borderimage | borderradius | boxshadow | flexbox | hsla | multiplebgs | opacity | rgba | textshadow | cssanimations | csscolumns | generatedcontent | cssgradients | cssreflections | csstransforms | csstransforms3d | csstransitions | applicationcache | canvas | canvastext | draganddrop | hashchange | history | audio | video | indexeddb | input | inputtypes | localstorage | postmessage | sessionstorage | websockets | websqldatabase | webworkers | geolocation | inlinesvg | smil | svg | svgclippaths | touch | webgl | iepp | cssclasses | addtest | teststyles | testprop | testallprops | hasevent | prefixes | domprefixes | load
- */
-;window.Modernizr=function(a,b,c){function H(){e.input=function(a){for(var b=0,c=a.length;b<c;b++)t[a[b]]=a[b]in l;return t}("autocomplete autofocus list placeholder max min multiple pattern required step".split(" ")),e.inputtypes=function(a){for(var d=0,e,f,h,i=a.length;d<i;d++)l.setAttribute("type",f=a[d]),e=l.type!=="text",e&&(l.value=m,l.style.cssText="position:absolute;visibility:hidden;",/^range$/.test(f)&&l.style.WebkitAppearance!==c?(g.appendChild(l),h=b.defaultView,e=h.getComputedStyle&&h.getComputedStyle(l,null).WebkitAppearance!=="textfield"&&l.offsetHeight!==0,g.removeChild(l)):/^(search|tel)$/.test(f)||(/^(url|email)$/.test(f)?e=l.checkValidity&&l.checkValidity()===!1:/^color$/.test(f)?(g.appendChild(l),g.offsetWidth,e=l.value!=m,g.removeChild(l)):e=l.value!=m)),s[a[d]]=!!e;return s}("search tel url email datetime date month week time datetime-local number range color".split(" "))}function F(a,b){var c=a.charAt(0).toUpperCase()+a.substr(1),d=(a+" "+p.join(c+" ")+c).split(" ");return E(d,b)}function E(a,b){for(var d in a)if(k[a[d]]!==c)return b=="pfx"?a[d]:!0;return!1}function D(a,b){return!!~(""+a).indexOf(b)}function C(a,b){return typeof a===b}function B(a,b){return A(o.join(a+";")+(b||""))}function A(a){k.cssText=a}var d="2.0.6",e={},f=!0,g=b.documentElement,h=b.head||b.getElementsByTagName("head")[0],i="modernizr",j=b.createElement(i),k=j.style,l=b.createElement("input"),m=":)",n=Object.prototype.toString,o=" -webkit- -moz- -o- -ms- -khtml- ".split(" "),p="Webkit Moz O ms Khtml".split(" "),q={svg:"http://www.w3.org/2000/svg"},r={},s={},t={},u=[],v=function(a,c,d,e){var f,h,j,k=b.createElement("div");if(parseInt(d,10))while(d--)j=b.createElement("div"),j.id=e?e[d]:i+(d+1),k.appendChild(j);f=["&shy;","<style>",a,"</style>"].join(""),k.id=i,k.innerHTML+=f,g.appendChild(k),h=c(k,a),k.parentNode.removeChild(k);return!!h},w=function(){function d(d,e){e=e||b.createElement(a[d]||"div"),d="on"+d;var f=d in e;f||(e.setAttribute||(e=b.createElement("div")),e.setAttribute&&e.removeAttribute&&(e.setAttribute(d,""),f=C(e[d],"function"),C(e[d],c)||(e[d]=c),e.removeAttribute(d))),e=null;return f}var a={select:"input",change:"input",submit:"form",reset:"form",error:"img",load:"img",abort:"img"};return d}(),x,y={}.hasOwnProperty,z;!C(y,c)&&!C(y.call,c)?z=function(a,b){return y.call(a,b)}:z=function(a,b){return b in a&&C(a.constructor.prototype[b],c)};var G=function(c,d){var f=c.join(""),g=d.length;v(f,function(c,d){var f=b.styleSheets[b.styleSheets.length-1],h=f.cssRules&&f.cssRules[0]?f.cssRules[0].cssText:f.cssText||"",i=c.childNodes,j={};while(g--)j[i[g].id]=i[g];e.touch="ontouchstart"in a||j.touch.offsetTop===9,e.csstransforms3d=j.csstransforms3d.offsetLeft===9,e.generatedcontent=j.generatedcontent.offsetHeight>=1,e.fontface=/src/i.test(h)&&h.indexOf(d.split(" ")[0])===0},g,d)}(['@font-face {font-family:"font";src:url("https://")}',["@media (",o.join("touch-enabled),("),i,")","{#touch{top:9px;position:absolute}}"].join(""),["@media (",o.join("transform-3d),("),i,")","{#csstransforms3d{left:9px;position:absolute}}"].join(""),['#generatedcontent:after{content:"',m,'";visibility:hidden}'].join("")],["fontface","touch","csstransforms3d","generatedcontent"]);r.flexbox=function(){function c(a,b,c,d){a.style.cssText=o.join(b+":"+c+";")+(d||"")}function a(a,b,c,d){b+=":",a.style.cssText=(b+o.join(c+";"+b)).slice(0,-b.length)+(d||"")}var d=b.createElement("div"),e=b.createElement("div");a(d,"display","box","width:42px;padding:0;"),c(e,"box-flex","1","width:10px;"),d.appendChild(e),g.appendChild(d);var f=e.offsetWidth===42;d.removeChild(e),g.removeChild(d);return f},r.canvas=function(){var a=b.createElement("canvas");return!!a.getContext&&!!a.getContext("2d")},r.canvastext=function(){return!!e.canvas&&!!C(b.createElement("canvas").getContext("2d").fillText,"function")},r.webgl=function(){return!!a.WebGLRenderingContext},r.touch=function(){return e.touch},r.geolocation=function(){return!!navigator.geolocation},r.postmessage=function(){return!!a.postMessage},r.websqldatabase=function(){var b=!!a.openDatabase;return b},r.indexedDB=function(){for(var b=-1,c=p.length;++b<c;)if(a[p[b].toLowerCase()+"IndexedDB"])return!0;return!!a.indexedDB},r.hashchange=function(){return w("hashchange",a)&&(b.documentMode===c||b.documentMode>7)},r.history=function(){return!!a.history&&!!history.pushState},r.draganddrop=function(){return w("dragstart")&&w("drop")},r.websockets=function(){for(var b=-1,c=p.length;++b<c;)if(a[p[b]+"WebSocket"])return!0;return"WebSocket"in a},r.rgba=function(){A("background-color:rgba(150,255,150,.5)");return D(k.backgroundColor,"rgba")},r.hsla=function(){A("background-color:hsla(120,40%,100%,.5)");return D(k.backgroundColor,"rgba")||D(k.backgroundColor,"hsla")},r.multiplebgs=function(){A("background:url(https://),url(https://),red url(https://)");return/(url\s*\(.*?){3}/.test(k.background)},r.backgroundsize=function(){return F("backgroundSize")},r.borderimage=function(){return F("borderImage")},r.borderradius=function(){return F("borderRadius")},r.boxshadow=function(){return F("boxShadow")},r.textshadow=function(){return b.createElement("div").style.textShadow===""},r.opacity=function(){B("opacity:.55");return/^0.55$/.test(k.opacity)},r.cssanimations=function(){return F("animationName")},r.csscolumns=function(){return F("columnCount")},r.cssgradients=function(){var a="background-image:",b="gradient(linear,left top,right bottom,from(#9f9),to(white));",c="linear-gradient(left top,#9f9, white);";A((a+o.join(b+a)+o.join(c+a)).slice(0,-a.length));return D(k.backgroundImage,"gradient")},r.cssreflections=function(){return F("boxReflect")},r.csstransforms=function(){return!!E(["transformProperty","WebkitTransform","MozTransform","OTransform","msTransform"])},r.csstransforms3d=function(){var a=!!E(["perspectiveProperty","WebkitPerspective","MozPerspective","OPerspective","msPerspective"]);a&&"webkitPerspective"in g.style&&(a=e.csstransforms3d);return a},r.csstransitions=function(){return F("transitionProperty")},r.fontface=function(){return e.fontface},r.generatedcontent=function(){return e.generatedcontent},r.video=function(){var a=b.createElement("video"),c=!1;try{if(c=!!a.canPlayType){c=new Boolean(c),c.ogg=a.canPlayType('video/ogg; codecs="theora"');var d='video/mp4; codecs="avc1.42E01E';c.h264=a.canPlayType(d+'"')||a.canPlayType(d+', mp4a.40.2"'),c.webm=a.canPlayType('video/webm; codecs="vp8, vorbis"')}}catch(e){}return c},r.audio=function(){var a=b.createElement("audio"),c=!1;try{if(c=!!a.canPlayType)c=new Boolean(c),c.ogg=a.canPlayType('audio/ogg; codecs="vorbis"'),c.mp3=a.canPlayType("audio/mpeg;"),c.wav=a.canPlayType('audio/wav; codecs="1"'),c.m4a=a.canPlayType("audio/x-m4a;")||a.canPlayType("audio/aac;")}catch(d){}return c},r.localstorage=function(){try{return!!localStorage.getItem}catch(a){return!1}},r.sessionstorage=function(){try{return!!sessionStorage.getItem}catch(a){return!1}},r.webworkers=function(){return!!a.Worker},r.applicationcache=function(){return!!a.applicationCache},r.svg=function(){return!!b.createElementNS&&!!b.createElementNS(q.svg,"svg").createSVGRect},r.inlinesvg=function(){var a=b.createElement("div");a.innerHTML="<svg/>";return(a.firstChild&&a.firstChild.namespaceURI)==q.svg},r.smil=function(){return!!b.createElementNS&&/SVG/.test(n.call(b.createElementNS(q.svg,"animate")))},r.svgclippaths=function(){return!!b.createElementNS&&/SVG/.test(n.call(b.createElementNS(q.svg,"clipPath")))};for(var I in r)z(r,I)&&(x=I.toLowerCase(),e[x]=r[I](),u.push((e[x]?"":"no-")+x));e.input||H(),e.addTest=function(a,b){if(typeof a=="object")for(var d in a)z(a,d)&&e.addTest(d,a[d]);else{a=a.toLowerCase();if(e[a]!==c)return;b=typeof b=="boolean"?b:!!b(),g.className+=" "+(b?"":"no-")+a,e[a]=b}return e},A(""),j=l=null,a.attachEvent&&function(){var a=b.createElement("div");a.innerHTML="<elem></elem>";return a.childNodes.length!==1}()&&function(a,b){function s(a){var b=-1;while(++b<g)a.createElement(f[b])}a.iepp=a.iepp||{};var d=a.iepp,e=d.html5elements||"abbr|article|aside|audio|canvas|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",f=e.split("|"),g=f.length,h=new RegExp("(^|\\s)("+e+")","gi"),i=new RegExp("<(/*)("+e+")","gi"),j=/^\s*[\{}]\s*$/,k=new RegExp("(^|[^\\n]*?\\s)("+e+")([^\\n]*)({[\\n\\w\\W]*?})","gi"),l=b.createDocumentFragment(),m=b.documentElement,n=m.firstChild,o=b.createElement("body"),p=b.createElement("style"),q=/print|all/,r;d.getCSS=function(a,b){if(a+""===c)return"";var e=-1,f=a.length,g,h=[];while(++e<f){g=a[e];if(g.disabled)continue;b=g.media||b,q.test(b)&&h.push(d.getCSS(g.imports,b),g.cssText),b="all"}return h.join("")},d.parseCSS=function(a){var b=[],c;while((c=k.exec(a))!=null)b.push(((j.exec(c[1])?"\n":c[1])+c[2]+c[3]).replace(h,"$1.iepp_$2")+c[4]);return b.join("\n")},d.writeHTML=function(){var a=-1;r=r||b.body;while(++a<g){var c=b.getElementsByTagName(f[a]),d=c.length,e=-1;while(++e<d)c[e].className.indexOf("iepp_")<0&&(c[e].className+=" iepp_"+f[a])}l.appendChild(r),m.appendChild(o),o.className=r.className,o.id=r.id,o.innerHTML=r.innerHTML.replace(i,"<$1font")},d._beforePrint=function(){p.styleSheet.cssText=d.parseCSS(d.getCSS(b.styleSheets,"all")),d.writeHTML()},d.restoreHTML=function(){o.innerHTML="",m.removeChild(o),m.appendChild(r)},d._afterPrint=function(){d.restoreHTML(),p.styleSheet.cssText=""},s(b),s(l);d.disablePP||(n.insertBefore(p,n.firstChild),p.media="print",p.className="iepp-printshim",a.attachEvent("onbeforeprint",d._beforePrint),a.attachEvent("onafterprint",d._afterPrint))}(a,b),e._version=d,e._prefixes=o,e._domPrefixes=p,e.hasEvent=w,e.testProp=function(a){return E([a])},e.testAllProps=F,e.testStyles=v,g.className=g.className.replace(/\bno-js\b/,"")+(f?" js "+u.join(" "):"");return e}(this,this.document),function(a,b,c){function k(a){return!a||a=="loaded"||a=="complete"}function j(){var a=1,b=-1;while(p.length- ++b)if(p[b].s&&!(a=p[b].r))break;a&&g()}function i(a){var c=b.createElement("script"),d;c.src=a.s,c.onreadystatechange=c.onload=function(){!d&&k(c.readyState)&&(d=1,j(),c.onload=c.onreadystatechange=null)},m(function(){d||(d=1,j())},H.errorTimeout),a.e?c.onload():n.parentNode.insertBefore(c,n)}function h(a){var c=b.createElement("link"),d;c.href=a.s,c.rel="stylesheet",c.type="text/css";if(!a.e&&(w||r)){var e=function(a){m(function(){if(!d)try{a.sheet.cssRules.length?(d=1,j()):e(a)}catch(b){b.code==1e3||b.message=="security"||b.message=="denied"?(d=1,m(function(){j()},0)):e(a)}},0)};e(c)}else c.onload=function(){d||(d=1,m(function(){j()},0))},a.e&&c.onload();m(function(){d||(d=1,j())},H.errorTimeout),!a.e&&n.parentNode.insertBefore(c,n)}function g(){var a=p.shift();q=1,a?a.t?m(function(){a.t=="c"?h(a):i(a)},0):(a(),j()):q=0}function f(a,c,d,e,f,h){function i(){!o&&k(l.readyState)&&(r.r=o=1,!q&&j(),l.onload=l.onreadystatechange=null,m(function(){u.removeChild(l)},0))}var l=b.createElement(a),o=0,r={t:d,s:c,e:h};l.src=l.data=c,!s&&(l.style.display="none"),l.width=l.height="0",a!="object"&&(l.type=d),l.onload=l.onreadystatechange=i,a=="img"?l.onerror=i:a=="script"&&(l.onerror=function(){r.e=r.r=1,g()}),p.splice(e,0,r),u.insertBefore(l,s?null:n),m(function(){o||(u.removeChild(l),r.r=r.e=o=1,j())},H.errorTimeout)}function e(a,b,c){var d=b=="c"?z:y;q=0,b=b||"j",C(a)?f(d,a,b,this.i++,l,c):(p.splice(this.i++,0,a),p.length==1&&g());return this}function d(){var a=H;a.loader={load:e,i:0};return a}var l=b.documentElement,m=a.setTimeout,n=b.getElementsByTagName("script")[0],o={}.toString,p=[],q=0,r="MozAppearance"in l.style,s=r&&!!b.createRange().compareNode,t=r&&!s,u=s?l:n.parentNode,v=a.opera&&o.call(a.opera)=="[object Opera]",w="webkitAppearance"in l.style,x=w&&"async"in b.createElement("script"),y=r?"object":v||x?"img":"script",z=w?"img":y,A=Array.isArray||function(a){return o.call(a)=="[object Array]"},B=function(a){return Object(a)===a},C=function(a){return typeof a=="string"},D=function(a){return o.call(a)=="[object Function]"},E=[],F={},G,H;H=function(a){function f(a){var b=a.split("!"),c=E.length,d=b.pop(),e=b.length,f={url:d,origUrl:d,prefixes:b},g,h;for(h=0;h<e;h++)g=F[b[h]],g&&(f=g(f));for(h=0;h<c;h++)f=E[h](f);return f}function e(a,b,e,g,h){var i=f(a),j=i.autoCallback;if(!i.bypass){b&&(b=D(b)?b:b[a]||b[g]||b[a.split("/").pop().split("?")[0]]);if(i.instead)return i.instead(a,b,e,g,h);e.load(i.url,i.forceCSS||!i.forceJS&&/css$/.test(i.url)?"c":c,i.noexec),(D(b)||D(j))&&e.load(function(){d(),b&&b(i.origUrl,h,g),j&&j(i.origUrl,h,g)})}}function b(a,b){function c(a){if(C(a))e(a,h,b,0,d);else if(B(a))for(i in a)a.hasOwnProperty(i)&&e(a[i],h,b,i,d)}var d=!!a.test,f=d?a.yep:a.nope,g=a.load||a.both,h=a.callback,i;c(f),c(g),a.complete&&b.load(a.complete)}var g,h,i=this.yepnope.loader;if(C(a))e(a,0,i,0);else if(A(a))for(g=0;g<a.length;g++)h=a[g],C(h)?e(h,0,i,0):A(h)?H(h):B(h)&&b(h,i);else B(a)&&b(a,i)},H.addPrefix=function(a,b){F[a]=b},H.addFilter=function(a){E.push(a)},H.errorTimeout=1e4,b.readyState==null&&b.addEventListener&&(b.readyState="loading",b.addEventListener("DOMContentLoaded",G=function(){b.removeEventListener("DOMContentLoaded",G,0),b.readyState="complete"},0)),a.yepnope=d()}(this,this.document),Modernizr.load=function(){yepnope.apply(window,[].slice.call(arguments,0))};
-/*! jQuery v1.10.2 | (c) 2005, 2013 jQuery Foundation, Inc. | jquery.org/license
-//@ sourceMappingURL=jquery-1.10.2.min.map
-*/
-(function(e,t){var n,r,i=typeof t,o=e.location,a=e.document,s=a.documentElement,l=e.jQuery,u=e.$,c={},p=[],f="1.10.2",d=p.concat,h=p.push,g=p.slice,m=p.indexOf,y=c.toString,v=c.hasOwnProperty,b=f.trim,x=function(e,t){return new x.fn.init(e,t,r)},w=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,T=/\S+/g,C=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,k=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,E=/^[\],:{}s]*$/,S=/(?:^|:|,)(?:\s*\[)+/g,A=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,j=/"[^"\\\r\n]*"|true|false|null|-?(?:\d+\.|)\d+(?:[eE][+-]?\d+|)/g,D=/^-ms-/,L=/-([\da-z])/gi,H=function(e,t){return t.toUpperCase()},q=function(e){(a.addEventListener||"load"===e.type||"complete"===a.readyState)&&(_(),x.ready())},_=function(){a.addEventListener?(a.removeEventListener("DOMContentLoaded",q,!1),e.removeEventListener("load",q,!1)):(a.detachEvent("onreadystatechange",q),e.detachEvent("onload",q))};x.fn=x.prototype={jquery:f,constructor:x,init:function(e,n,r){var i,o;if(!e)return this;if("string"==typeof e){if(i="<"===e.charAt(0)&&">"===e.charAt(e.length-1)&&e.length>=3?[null,e,null]:N.exec(e),!i||!i[1]&&n)return!n||n.jquery?(n||r).find(e):this.constructor(n).find(e);if(i[1]){if(n=n instanceof x?n[0]:n,x.merge(this,x.parseHTML(i[1],n&&n.nodeType?n.ownerDocument||n:a,!0)),k.test(i[1])&&x.isPlainObject(n))for(i in n)x.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i]);return this}if(o=a.getElementById(i[2]),o&&o.parentNode){if(o.id!==i[2])return r.find(e);this.length=1,this[0]=o}return this.context=a,this.selector=e,this}return e.nodeType?(this.context=this[0]=e,this.length=1,this):x.isFunction(e)?r.ready(e):(e.selector!==t&&(this.selector=e.selector,this.context=e.context),x.makeArray(e,this))},selector:"",length:0,toArray:function(){return g.call(this)},get:function(e){return null==e?this.toArray():0>e?this[this.length+e]:this[e]},pushStack:function(e){var t=x.merge(this.constructor(),e);return t.prevObject=this,t.context=this.context,t},each:function(e,t){return x.each(this,e,t)},ready:function(e){return x.ready.promise().done(e),this},slice:function(){return this.pushStack(g.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(0>e?t:0);return this.pushStack(n>=0&&t>n?[this[n]]:[])},map:function(e){return this.pushStack(x.map(this,function(t,n){return e.call(t,n,t)}))},end:function(){return this.prevObject||this.constructor(null)},push:h,sort:[].sort,splice:[].splice},x.fn.init.prototype=x.fn,x.extend=x.fn.extend=function(){var e,n,r,i,o,a,s=arguments[0]||{},l=1,u=arguments.length,c=!1;for("boolean"==typeof s&&(c=s,s=arguments[1]||{},l=2),"object"==typeof s||x.isFunction(s)||(s={}),u===l&&(s=this,--l);u>l;l++)if(null!=(o=arguments[l]))for(i in o)e=s[i],r=o[i],s!==r&&(c&&r&&(x.isPlainObject(r)||(n=x.isArray(r)))?(n?(n=!1,a=e&&x.isArray(e)?e:[]):a=e&&x.isPlainObject(e)?e:{},s[i]=x.extend(c,a,r)):r!==t&&(s[i]=r));return s},x.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),noConflict:function(t){return e.$===x&&(e.$=u),t&&e.jQuery===x&&(e.jQuery=l),x},isReady:!1,readyWait:1,holdReady:function(e){e?x.readyWait++:x.ready(!0)},ready:function(e){if(e===!0?!--x.readyWait:!x.isReady){if(!a.body)return setTimeout(x.ready);x.isReady=!0,e!==!0&&--x.readyWait>0||(n.resolveWith(a,[x]),x.fn.trigger&&x(a).trigger("ready").off("ready"))}},isFunction:function(e){return"function"===x.type(e)},isArray:Array.isArray||function(e){return"array"===x.type(e)},isWindow:function(e){return null!=e&&e==e.window},isNumeric:function(e){return!isNaN(parseFloat(e))&&isFinite(e)},type:function(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?c[y.call(e)]||"object":typeof e},isPlainObject:function(e){var n;if(!e||"object"!==x.type(e)||e.nodeType||x.isWindow(e))return!1;try{if(e.constructor&&!v.call(e,"constructor")&&!v.call(e.constructor.prototype,"isPrototypeOf"))return!1}catch(r){return!1}if(x.support.ownLast)for(n in e)return v.call(e,n);for(n in e);return n===t||v.call(e,n)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},error:function(e){throw Error(e)},parseHTML:function(e,t,n){if(!e||"string"!=typeof e)return null;"boolean"==typeof t&&(n=t,t=!1),t=t||a;var r=k.exec(e),i=!n&&[];return r?[t.createElement(r[1])]:(r=x.buildFragment([e],t,i),i&&x(i).remove(),x.merge([],r.childNodes))},parseJSON:function(n){return e.JSON&&e.JSON.parse?e.JSON.parse(n):null===n?n:"string"==typeof n&&(n=x.trim(n),n&&E.test(n.replace(A,"@").replace(j,"]").replace(S,"")))?Function("return "+n)():(x.error("Invalid JSON: "+n),t)},parseXML:function(n){var r,i;if(!n||"string"!=typeof n)return null;try{e.DOMParser?(i=new DOMParser,r=i.parseFromString(n,"text/xml")):(r=new ActiveXObject("Microsoft.XMLDOM"),r.async="false",r.loadXML(n))}catch(o){r=t}return r&&r.documentElement&&!r.getElementsByTagName("parsererror").length||x.error("Invalid XML: "+n),r},noop:function(){},globalEval:function(t){t&&x.trim(t)&&(e.execScript||function(t){e.eval.call(e,t)})(t)},camelCase:function(e){return e.replace(D,"ms-").replace(L,H)},nodeName:function(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()},each:function(e,t,n){var r,i=0,o=e.length,a=M(e);if(n){if(a){for(;o>i;i++)if(r=t.apply(e[i],n),r===!1)break}else for(i in e)if(r=t.apply(e[i],n),r===!1)break}else if(a){for(;o>i;i++)if(r=t.call(e[i],i,e[i]),r===!1)break}else for(i in e)if(r=t.call(e[i],i,e[i]),r===!1)break;return e},trim:b&&!b.call("\ufeff\u00a0")?function(e){return null==e?"":b.call(e)}:function(e){return null==e?"":(e+"").replace(C,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(M(Object(e))?x.merge(n,"string"==typeof e?[e]:e):h.call(n,e)),n},inArray:function(e,t,n){var r;if(t){if(m)return m.call(t,e,n);for(r=t.length,n=n?0>n?Math.max(0,r+n):n:0;r>n;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,o=0;if("number"==typeof r)for(;r>o;o++)e[i++]=n[o];else while(n[o]!==t)e[i++]=n[o++];return e.length=i,e},grep:function(e,t,n){var r,i=[],o=0,a=e.length;for(n=!!n;a>o;o++)r=!!t(e[o],o),n!==r&&i.push(e[o]);return i},map:function(e,t,n){var r,i=0,o=e.length,a=M(e),s=[];if(a)for(;o>i;i++)r=t(e[i],i,n),null!=r&&(s[s.length]=r);else for(i in e)r=t(e[i],i,n),null!=r&&(s[s.length]=r);return d.apply([],s)},guid:1,proxy:function(e,n){var r,i,o;return"string"==typeof n&&(o=e[n],n=e,e=o),x.isFunction(e)?(r=g.call(arguments,2),i=function(){return e.apply(n||this,r.concat(g.call(arguments)))},i.guid=e.guid=e.guid||x.guid++,i):t},access:function(e,n,r,i,o,a,s){var l=0,u=e.length,c=null==r;if("object"===x.type(r)){o=!0;for(l in r)x.access(e,n,l,r[l],!0,a,s)}else if(i!==t&&(o=!0,x.isFunction(i)||(s=!0),c&&(s?(n.call(e,i),n=null):(c=n,n=function(e,t,n){return c.call(x(e),n)})),n))for(;u>l;l++)n(e[l],r,s?i:i.call(e[l],l,n(e[l],r)));return o?e:c?n.call(e):u?n(e[0],r):a},now:function(){return(new Date).getTime()},swap:function(e,t,n,r){var i,o,a={};for(o in t)a[o]=e.style[o],e.style[o]=t[o];i=n.apply(e,r||[]);for(o in t)e.style[o]=a[o];return i}}),x.ready.promise=function(t){if(!n)if(n=x.Deferred(),"complete"===a.readyState)setTimeout(x.ready);else if(a.addEventListener)a.addEventListener("DOMContentLoaded",q,!1),e.addEventListener("load",q,!1);else{a.attachEvent("onreadystatechange",q),e.attachEvent("onload",q);var r=!1;try{r=null==e.frameElement&&a.documentElement}catch(i){}r&&r.doScroll&&function o(){if(!x.isReady){try{r.doScroll("left")}catch(e){return setTimeout(o,50)}_(),x.ready()}}()}return n.promise(t)},x.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(e,t){c["[object "+t+"]"]=t.toLowerCase()});function M(e){var t=e.length,n=x.type(e);return x.isWindow(e)?!1:1===e.nodeType&&t?!0:"array"===n||"function"!==n&&(0===t||"number"==typeof t&&t>0&&t-1 in e)}r=x(a),function(e,t){var n,r,i,o,a,s,l,u,c,p,f,d,h,g,m,y,v,b="sizzle"+-new Date,w=e.document,T=0,C=0,N=st(),k=st(),E=st(),S=!1,A=function(e,t){return e===t?(S=!0,0):0},j=typeof t,D=1<<31,L={}.hasOwnProperty,H=[],q=H.pop,_=H.push,M=H.push,O=H.slice,F=H.indexOf||function(e){var t=0,n=this.length;for(;n>t;t++)if(this[t]===e)return t;return-1},B="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",P="[\\x20\\t\\r\\n\\f]",R="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",W=R.replace("w","w#"),$="\\["+P+"*("+R+")"+P+"*(?:([*^$|!~]?=)"+P+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+W+")|)|)"+P+"*\\]",I=":("+R+")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|"+$.replace(3,8)+")*)|.*)\\)|)",z=RegExp("^"+P+"+|((?:^|[^\\\\])(?:\\\\.)*)"+P+"+$","g"),X=RegExp("^"+P+"*,"+P+"*"),U=RegExp("^"+P+"*([>+~]|"+P+")"+P+"*"),V=RegExp(P+"*[+~]"),Y=RegExp("="+P+"*([^\\]'\"]*)"+P+"*\\]","g"),J=RegExp(I),G=RegExp("^"+W+"$"),Q={ID:RegExp("^#("+R+")"),CLASS:RegExp("^\\.("+R+")"),TAG:RegExp("^("+R.replace("w","w*")+")"),ATTR:RegExp("^"+$),PSEUDO:RegExp("^"+I),CHILD:RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+P+"*(even|odd|(([+-]|)(\\d*)n|)"+P+"*(?:([+-]|)"+P+"*(\\d+)|))"+P+"*\\)|)","i"),bool:RegExp("^(?:"+B+")$","i"),needsContext:RegExp("^"+P+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+P+"*((?:-\\d)?\\d*)"+P+"*\\)|)(?=[^-]|$)","i")},K=/^[^{]+\{s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,et=/^(?:input|select|textarea|button)$/i,tt=/^h\d$/i,nt=/'|\\/g,rt=RegExp("\\\\([\\da-f]{1,6}"+P+"?|("+P+")|.)","ig"),it=function(e,t,n){var r="0x"+t-65536;return r!==r||n?t:0>r?String.fromCharCode(r+65536):String.fromCharCode(55296|r>>10,56320|1023&r)};try{M.apply(H=O.call(w.childNodes),w.childNodes),H[w.childNodes.length].nodeType}catch(ot){M={apply:H.length?function(e,t){_.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function at(e,t,n,i){var o,a,s,l,u,c,d,m,y,x;if((t?t.ownerDocument||t:w)!==f&&p(t),t=t||f,n=n||[],!e||"string"!=typeof e)return n;if(1!==(l=t.nodeType)&&9!==l)return[];if(h&&!i){if(o=Z.exec(e))if(s=o[1]){if(9===l){if(a=t.getElementById(s),!a||!a.parentNode)return n;if(a.id===s)return n.push(a),n}else if(t.ownerDocument&&(a=t.ownerDocument.getElementById(s))&&v(t,a)&&a.id===s)return n.push(a),n}else{if(o[2])return M.apply(n,t.getElementsByTagName(e)),n;if((s=o[3])&&r.getElementsByClassName&&t.getElementsByClassName)return M.apply(n,t.getElementsByClassName(s)),n}if(r.qsa&&(!g||!g.test(e))){if(m=d=b,y=t,x=9===l&&e,1===l&&"object"!==t.nodeName.toLowerCase()){c=mt(e),(d=t.getAttribute("id"))?m=d.replace(nt,"\\$&"):t.setAttribute("id",m),m="[id='"+m+"'] ",u=c.length;while(u--)c[u]=m+yt(c[u]);y=V.test(e)&&t.parentNode||t,x=c.join(",")}if(x)try{return M.apply(n,y.querySelectorAll(x)),n}catch(T){}finally{d||t.removeAttribute("id")}}}return kt(e.replace(z,"$1"),t,n,i)}function st(){var e=[];function t(n,r){return e.push(n+=" ")>o.cacheLength&&delete t[e.shift()],t[n]=r}return t}function lt(e){return e[b]=!0,e}function ut(e){var t=f.createElement("div");try{return!!e(t)}catch(n){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function ct(e,t){var n=e.split("|"),r=e.length;while(r--)o.attrHandle[n[r]]=t}function pt(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&(~t.sourceIndex||D)-(~e.sourceIndex||D);if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function ft(e){return function(t){var n=t.nodeName.toLowerCase();return"input"===n&&t.type===e}}function dt(e){return function(t){var n=t.nodeName.toLowerCase();return("input"===n||"button"===n)&&t.type===e}}function ht(e){return lt(function(t){return t=+t,lt(function(n,r){var i,o=e([],n.length,t),a=o.length;while(a--)n[i=o[a]]&&(n[i]=!(r[i]=n[i]))})})}s=at.isXML=function(e){var t=e&&(e.ownerDocument||e).documentElement;return t?"HTML"!==t.nodeName:!1},r=at.support={},p=at.setDocument=function(e){var n=e?e.ownerDocument||e:w,i=n.defaultView;return n!==f&&9===n.nodeType&&n.documentElement?(f=n,d=n.documentElement,h=!s(n),i&&i.attachEvent&&i!==i.top&&i.attachEvent("onbeforeunload",function(){p()}),r.attributes=ut(function(e){return e.className="i",!e.getAttribute("className")}),r.getElementsByTagName=ut(function(e){return e.appendChild(n.createComment("")),!e.getElementsByTagName("*").length}),r.getElementsByClassName=ut(function(e){return e.innerHTML="<div class='a'></div><div class='a i'></div>",e.firstChild.className="i",2===e.getElementsByClassName("i").length}),r.getById=ut(function(e){return d.appendChild(e).id=b,!n.getElementsByName||!n.getElementsByName(b).length}),r.getById?(o.find.ID=function(e,t){if(typeof t.getElementById!==j&&h){var n=t.getElementById(e);return n&&n.parentNode?[n]:[]}},o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){return e.getAttribute("id")===t}}):(delete o.find.ID,o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){var n=typeof e.getAttributeNode!==j&&e.getAttributeNode("id");return n&&n.value===t}}),o.find.TAG=r.getElementsByTagName?function(e,n){return typeof n.getElementsByTagName!==j?n.getElementsByTagName(e):t}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},o.find.CLASS=r.getElementsByClassName&&function(e,n){return typeof n.getElementsByClassName!==j&&h?n.getElementsByClassName(e):t},m=[],g=[],(r.qsa=K.test(n.querySelectorAll))&&(ut(function(e){e.innerHTML="<select><option selected=''></option></select>",e.querySelectorAll("[selected]").length||g.push("\\["+P+"*(?:value|"+B+")"),e.querySelectorAll(":checked").length||g.push(":checked")}),ut(function(e){var t=n.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("t",""),e.querySelectorAll("[t^='']").length&&g.push("[*^$]="+P+"*(?:''|\"\")"),e.querySelectorAll(":enabled").length||g.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),g.push(",.*:")})),(r.matchesSelector=K.test(y=d.webkitMatchesSelector||d.mozMatchesSelector||d.oMatchesSelector||d.msMatchesSelector))&&ut(function(e){r.disconnectedMatch=y.call(e,"div"),y.call(e,"[s!='']:x"),m.push("!=",I)}),g=g.length&&RegExp(g.join("|")),m=m.length&&RegExp(m.join("|")),v=K.test(d.contains)||d.compareDocumentPosition?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},A=d.compareDocumentPosition?function(e,t){if(e===t)return S=!0,0;var i=t.compareDocumentPosition&&e.compareDocumentPosition&&e.compareDocumentPosition(t);return i?1&i||!r.sortDetached&&t.compareDocumentPosition(e)===i?e===n||v(w,e)?-1:t===n||v(w,t)?1:c?F.call(c,e)-F.call(c,t):0:4&i?-1:1:e.compareDocumentPosition?-1:1}:function(e,t){var r,i=0,o=e.parentNode,a=t.parentNode,s=[e],l=[t];if(e===t)return S=!0,0;if(!o||!a)return e===n?-1:t===n?1:o?-1:a?1:c?F.call(c,e)-F.call(c,t):0;if(o===a)return pt(e,t);r=e;while(r=r.parentNode)s.unshift(r);r=t;while(r=r.parentNode)l.unshift(r);while(s[i]===l[i])i++;return i?pt(s[i],l[i]):s[i]===w?-1:l[i]===w?1:0},n):f},at.matches=function(e,t){return at(e,null,null,t)},at.matchesSelector=function(e,t){if((e.ownerDocument||e)!==f&&p(e),t=t.replace(Y,"='$1']"),!(!r.matchesSelector||!h||m&&m.test(t)||g&&g.test(t)))try{var n=y.call(e,t);if(n||r.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(i){}return at(t,f,null,[e]).length>0},at.contains=function(e,t){return(e.ownerDocument||e)!==f&&p(e),v(e,t)},at.attr=function(e,n){(e.ownerDocument||e)!==f&&p(e);var i=o.attrHandle[n.toLowerCase()],a=i&&L.call(o.attrHandle,n.toLowerCase())?i(e,n,!h):t;return a===t?r.attributes||!h?e.getAttribute(n):(a=e.getAttributeNode(n))&&a.specified?a.value:null:a},at.error=function(e){throw Error("Syntax error, unrecognized expression: "+e)},at.uniqueSort=function(e){var t,n=[],i=0,o=0;if(S=!r.detectDuplicates,c=!r.sortStable&&e.slice(0),e.sort(A),S){while(t=e[o++])t===e[o]&&(i=n.push(o));while(i--)e.splice(n[i],1)}return e},a=at.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=a(e)}else if(3===i||4===i)return e.nodeValue}else for(;t=e[r];r++)n+=a(t);return n},o=at.selectors={cacheLength:50,createPseudo:lt,match:Q,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(rt,it),e[3]=(e[4]||e[5]||"").replace(rt,it),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||at.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&at.error(e[0]),e},PSEUDO:function(e){var n,r=!e[5]&&e[2];return Q.CHILD.test(e[0])?null:(e[3]&&e[4]!==t?e[2]=e[4]:r&&J.test(r)&&(n=mt(r,!0))&&(n=r.indexOf(")",r.length-n)-r.length)&&(e[0]=e[0].slice(0,n),e[2]=r.slice(0,n)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(rt,it).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=N[e+" "];return t||(t=RegExp("(^|"+P+")"+e+"("+P+"|$)"))&&N(e,function(e){return t.test("string"==typeof e.className&&e.className||typeof e.getAttribute!==j&&e.getAttribute("class")||"")})},ATTR:function(e,t,n){return function(r){var i=at.attr(r,e);return null==i?"!="===t:t?(i+="","="===t?i===n:"!="===t?i!==n:"^="===t?n&&0===i.indexOf(n):"*="===t?n&&i.indexOf(n)>-1:"$="===t?n&&i.slice(-n.length)===n:"~="===t?(" "+i+" ").indexOf(n)>-1:"|="===t?i===n||i.slice(0,n.length+1)===n+"-":!1):!0}},CHILD:function(e,t,n,r,i){var o="nth"!==e.slice(0,3),a="last"!==e.slice(-4),s="of-type"===t;return 1===r&&0===i?function(e){return!!e.parentNode}:function(t,n,l){var u,c,p,f,d,h,g=o!==a?"nextSibling":"previousSibling",m=t.parentNode,y=s&&t.nodeName.toLowerCase(),v=!l&&!s;if(m){if(o){while(g){p=t;while(p=p[g])if(s?p.nodeName.toLowerCase()===y:1===p.nodeType)return!1;h=g="only"===e&&!h&&"nextSibling"}return!0}if(h=[a?m.firstChild:m.lastChild],a&&v){c=m[b]||(m[b]={}),u=c[e]||[],d=u[0]===T&&u[1],f=u[0]===T&&u[2],p=d&&m.childNodes[d];while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if(1===p.nodeType&&++f&&p===t){c[e]=[T,d,f];break}}else if(v&&(u=(t[b]||(t[b]={}))[e])&&u[0]===T)f=u[1];else while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if((s?p.nodeName.toLowerCase()===y:1===p.nodeType)&&++f&&(v&&((p[b]||(p[b]={}))[e]=[T,f]),p===t))break;return f-=i,f===r||0===f%r&&f/r>=0}}},PSEUDO:function(e,t){var n,r=o.pseudos[e]||o.setFilters[e.toLowerCase()]||at.error("unsupported pseudo: "+e);return r[b]?r(t):r.length>1?(n=[e,e,"",t],o.setFilters.hasOwnProperty(e.toLowerCase())?lt(function(e,n){var i,o=r(e,t),a=o.length;while(a--)i=F.call(e,o[a]),e[i]=!(n[i]=o[a])}):function(e){return r(e,0,n)}):r}},pseudos:{not:lt(function(e){var t=[],n=[],r=l(e.replace(z,"$1"));return r[b]?lt(function(e,t,n,i){var o,a=r(e,null,i,[]),s=e.length;while(s--)(o=a[s])&&(e[s]=!(t[s]=o))}):function(e,i,o){return t[0]=e,r(t,null,o,n),!n.pop()}}),has:lt(function(e){return function(t){return at(e,t).length>0}}),contains:lt(function(e){return function(t){return(t.textContent||t.innerText||a(t)).indexOf(e)>-1}}),lang:lt(function(e){return G.test(e||"")||at.error("unsupported lang: "+e),e=e.replace(rt,it).toLowerCase(),function(t){var n;do if(n=h?t.lang:t.getAttribute("xml:lang")||t.getAttribute("lang"))return n=n.toLowerCase(),n===e||0===n.indexOf(e+"-");while((t=t.parentNode)&&1===t.nodeType);return!1}}),target:function(t){var n=e.location&&e.location.hash;return n&&n.slice(1)===t.id},root:function(e){return e===d},focus:function(e){return e===f.activeElement&&(!f.hasFocus||f.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:function(e){return e.disabled===!1},disabled:function(e){return e.disabled===!0},checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,e.selected===!0},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeName>"@"||3===e.nodeType||4===e.nodeType)return!1;return!0},parent:function(e){return!o.pseudos.empty(e)},header:function(e){return tt.test(e.nodeName)},input:function(e){return et.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||t.toLowerCase()===e.type)},first:ht(function(){return[0]}),last:ht(function(e,t){return[t-1]}),eq:ht(function(e,t,n){return[0>n?n+t:n]}),even:ht(function(e,t){var n=0;for(;t>n;n+=2)e.push(n);return e}),odd:ht(function(e,t){var n=1;for(;t>n;n+=2)e.push(n);return e}),lt:ht(function(e,t,n){var r=0>n?n+t:n;for(;--r>=0;)e.push(r);return e}),gt:ht(function(e,t,n){var r=0>n?n+t:n;for(;t>++r;)e.push(r);return e})}},o.pseudos.nth=o.pseudos.eq;for(n in{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})o.pseudos[n]=ft(n);for(n in{submit:!0,reset:!0})o.pseudos[n]=dt(n);function gt(){}gt.prototype=o.filters=o.pseudos,o.setFilters=new gt;function mt(e,t){var n,r,i,a,s,l,u,c=k[e+" "];if(c)return t?0:c.slice(0);s=e,l=[],u=o.preFilter;while(s){(!n||(r=X.exec(s)))&&(r&&(s=s.slice(r[0].length)||s),l.push(i=[])),n=!1,(r=U.exec(s))&&(n=r.shift(),i.push({value:n,type:r[0].replace(z," ")}),s=s.slice(n.length));for(a in o.filter)!(r=Q[a].exec(s))||u[a]&&!(r=u[a](r))||(n=r.shift(),i.push({value:n,type:a,matches:r}),s=s.slice(n.length));if(!n)break}return t?s.length:s?at.error(e):k(e,l).slice(0)}function yt(e){var t=0,n=e.length,r="";for(;n>t;t++)r+=e[t].value;return r}function vt(e,t,n){var r=t.dir,o=n&&"parentNode"===r,a=C++;return t.first?function(t,n,i){while(t=t[r])if(1===t.nodeType||o)return e(t,n,i)}:function(t,n,s){var l,u,c,p=T+" "+a;if(s){while(t=t[r])if((1===t.nodeType||o)&&e(t,n,s))return!0}else while(t=t[r])if(1===t.nodeType||o)if(c=t[b]||(t[b]={}),(u=c[r])&&u[0]===p){if((l=u[1])===!0||l===i)return l===!0}else if(u=c[r]=[p],u[1]=e(t,n,s)||i,u[1]===!0)return!0}}function bt(e){return e.length>1?function(t,n,r){var i=e.length;while(i--)if(!e[i](t,n,r))return!1;return!0}:e[0]}function xt(e,t,n,r,i){var o,a=[],s=0,l=e.length,u=null!=t;for(;l>s;s++)(o=e[s])&&(!n||n(o,r,i))&&(a.push(o),u&&t.push(s));return a}function wt(e,t,n,r,i,o){return r&&!r[b]&&(r=wt(r)),i&&!i[b]&&(i=wt(i,o)),lt(function(o,a,s,l){var u,c,p,f=[],d=[],h=a.length,g=o||Nt(t||"*",s.nodeType?[s]:s,[]),m=!e||!o&&t?g:xt(g,f,e,s,l),y=n?i||(o?e:h||r)?[]:a:m;if(n&&n(m,y,s,l),r){u=xt(y,d),r(u,[],s,l),c=u.length;while(c--)(p=u[c])&&(y[d[c]]=!(m[d[c]]=p))}if(o){if(i||e){if(i){u=[],c=y.length;while(c--)(p=y[c])&&u.push(m[c]=p);i(null,y=[],u,l)}c=y.length;while(c--)(p=y[c])&&(u=i?F.call(o,p):f[c])>-1&&(o[u]=!(a[u]=p))}}else y=xt(y===a?y.splice(h,y.length):y),i?i(null,a,y,l):M.apply(a,y)})}function Tt(e){var t,n,r,i=e.length,a=o.relative[e[0].type],s=a||o.relative[" "],l=a?1:0,c=vt(function(e){return e===t},s,!0),p=vt(function(e){return F.call(t,e)>-1},s,!0),f=[function(e,n,r){return!a&&(r||n!==u)||((t=n).nodeType?c(e,n,r):p(e,n,r))}];for(;i>l;l++)if(n=o.relative[e[l].type])f=[vt(bt(f),n)];else{if(n=o.filter[e[l].type].apply(null,e[l].matches),n[b]){for(r=++l;i>r;r++)if(o.relative[e[r].type])break;return wt(l>1&&bt(f),l>1&&yt(e.slice(0,l-1).concat({value:" "===e[l-2].type?"*":""})).replace(z,"$1"),n,r>l&&Tt(e.slice(l,r)),i>r&&Tt(e=e.slice(r)),i>r&&yt(e))}f.push(n)}return bt(f)}function Ct(e,t){var n=0,r=t.length>0,a=e.length>0,s=function(s,l,c,p,d){var h,g,m,y=[],v=0,b="0",x=s&&[],w=null!=d,C=u,N=s||a&&o.find.TAG("*",d&&l.parentNode||l),k=T+=null==C?1:Math.random()||.1;for(w&&(u=l!==f&&l,i=n);null!=(h=N[b]);b++){if(a&&h){g=0;while(m=e[g++])if(m(h,l,c)){p.push(h);break}w&&(T=k,i=++n)}r&&((h=!m&&h)&&v--,s&&x.push(h))}if(v+=b,r&&b!==v){g=0;while(m=t[g++])m(x,y,l,c);if(s){if(v>0)while(b--)x[b]||y[b]||(y[b]=q.call(p));y=xt(y)}M.apply(p,y),w&&!s&&y.length>0&&v+t.length>1&&at.uniqueSort(p)}return w&&(T=k,u=C),x};return r?lt(s):s}l=at.compile=function(e,t){var n,r=[],i=[],o=E[e+" "];if(!o){t||(t=mt(e)),n=t.length;while(n--)o=Tt(t[n]),o[b]?r.push(o):i.push(o);o=E(e,Ct(i,r))}return o};function Nt(e,t,n){var r=0,i=t.length;for(;i>r;r++)at(e,t[r],n);return n}function kt(e,t,n,i){var a,s,u,c,p,f=mt(e);if(!i&&1===f.length){if(s=f[0]=f[0].slice(0),s.length>2&&"ID"===(u=s[0]).type&&r.getById&&9===t.nodeType&&h&&o.relative[s[1].type]){if(t=(o.find.ID(u.matches[0].replace(rt,it),t)||[])[0],!t)return n;e=e.slice(s.shift().value.length)}a=Q.needsContext.test(e)?0:s.length;while(a--){if(u=s[a],o.relative[c=u.type])break;if((p=o.find[c])&&(i=p(u.matches[0].replace(rt,it),V.test(s[0].type)&&t.parentNode||t))){if(s.splice(a,1),e=i.length&&yt(s),!e)return M.apply(n,i),n;break}}}return l(e,f)(i,t,!h,n,V.test(e)),n}r.sortStable=b.split("").sort(A).join("")===b,r.detectDuplicates=S,p(),r.sortDetached=ut(function(e){return 1&e.compareDocumentPosition(f.createElement("div"))}),ut(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||ct("type|href|height|width",function(e,n,r){return r?t:e.getAttribute(n,"type"===n.toLowerCase()?1:2)}),r.attributes&&ut(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||ct("value",function(e,n,r){return r||"input"!==e.nodeName.toLowerCase()?t:e.defaultValue}),ut(function(e){return null==e.getAttribute("disabled")})||ct(B,function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&i.specified?i.value:e[n]===!0?n.toLowerCase():null}),x.find=at,x.expr=at.selectors,x.expr[":"]=x.expr.pseudos,x.unique=at.uniqueSort,x.text=at.getText,x.isXMLDoc=at.isXML,x.contains=at.contains}(e);var O={};function F(e){var t=O[e]={};return x.each(e.match(T)||[],function(e,n){t[n]=!0}),t}x.Callbacks=function(e){e="string"==typeof e?O[e]||F(e):x.extend({},e);var n,r,i,o,a,s,l=[],u=!e.once&&[],c=function(t){for(r=e.memory&&t,i=!0,a=s||0,s=0,o=l.length,n=!0;l&&o>a;a++)if(l[a].apply(t[0],t[1])===!1&&e.stopOnFalse){r=!1;break}n=!1,l&&(u?u.length&&c(u.shift()):r?l=[]:p.disable())},p={add:function(){if(l){var t=l.length;(function i(t){x.each(t,function(t,n){var r=x.type(n);"function"===r?e.unique&&p.has(n)||l.push(n):n&&n.length&&"string"!==r&&i(n)})})(arguments),n?o=l.length:r&&(s=t,c(r))}return this},remove:function(){return l&&x.each(arguments,function(e,t){var r;while((r=x.inArray(t,l,r))>-1)l.splice(r,1),n&&(o>=r&&o--,a>=r&&a--)}),this},has:function(e){return e?x.inArray(e,l)>-1:!(!l||!l.length)},empty:function(){return l=[],o=0,this},disable:function(){return l=u=r=t,this},disabled:function(){return!l},lock:function(){return u=t,r||p.disable(),this},locked:function(){return!u},fireWith:function(e,t){return!l||i&&!u||(t=t||[],t=[e,t.slice?t.slice():t],n?u.push(t):c(t)),this},fire:function(){return p.fireWith(this,arguments),this},fired:function(){return!!i}};return p},x.extend({Deferred:function(e){var t=[["resolve","done",x.Callbacks("once memory"),"resolved"],["reject","fail",x.Callbacks("once memory"),"rejected"],["notify","progress",x.Callbacks("memory")]],n="pending",r={state:function(){return n},always:function(){return i.done(arguments).fail(arguments),this},then:function(){var e=arguments;return x.Deferred(function(n){x.each(t,function(t,o){var a=o[0],s=x.isFunction(e[t])&&e[t];i[o[1]](function(){var e=s&&s.apply(this,arguments);e&&x.isFunction(e.promise)?e.promise().done(n.resolve).fail(n.reject).progress(n.notify):n[a+"With"](this===r?n.promise():this,s?[e]:arguments)})}),e=null}).promise()},promise:function(e){return null!=e?x.extend(e,r):r}},i={};return r.pipe=r.then,x.each(t,function(e,o){var a=o[2],s=o[3];r[o[1]]=a.add,s&&a.add(function(){n=s},t[1^e][2].disable,t[2][2].lock),i[o[0]]=function(){return i[o[0]+"With"](this===i?r:this,arguments),this},i[o[0]+"With"]=a.fireWith}),r.promise(i),e&&e.call(i,i),i},when:function(e){var t=0,n=g.call(arguments),r=n.length,i=1!==r||e&&x.isFunction(e.promise)?r:0,o=1===i?e:x.Deferred(),a=function(e,t,n){return function(r){t[e]=this,n[e]=arguments.length>1?g.call(arguments):r,n===s?o.notifyWith(t,n):--i||o.resolveWith(t,n)}},s,l,u;if(r>1)for(s=Array(r),l=Array(r),u=Array(r);r>t;t++)n[t]&&x.isFunction(n[t].promise)?n[t].promise().done(a(t,u,n)).fail(o.reject).progress(a(t,l,s)):--i;return i||o.resolveWith(u,n),o.promise()}}),x.support=function(t){var n,r,o,s,l,u,c,p,f,d=a.createElement("div");if(d.setAttribute("className","t"),d.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",n=d.getElementsByTagName("*")||[],r=d.getElementsByTagName("a")[0],!r||!r.style||!n.length)return t;s=a.createElement("select"),u=s.appendChild(a.createElement("option")),o=d.getElementsByTagName("input")[0],r.style.cssText="top:1px;float:left;opacity:.5",t.getSetAttribute="t"!==d.className,t.leadingWhitespace=3===d.firstChild.nodeType,t.tbody=!d.getElementsByTagName("tbody").length,t.htmlSerialize=!!d.getElementsByTagName("link").length,t.style=/top/.test(r.getAttribute("style")),t.hrefNormalized="/a"===r.getAttribute("href"),t.opacity=/^0.5/.test(r.style.opacity),t.cssFloat=!!r.style.cssFloat,t.checkOn=!!o.value,t.optSelected=u.selected,t.enctype=!!a.createElement("form").enctype,t.html5Clone="<:nav></:nav>"!==a.createElement("nav").cloneNode(!0).outerHTML,t.inlineBlockNeedsLayout=!1,t.shrinkWrapBlocks=!1,t.pixelPosition=!1,t.deleteExpando=!0,t.noCloneEvent=!0,t.reliableMarginRight=!0,t.boxSizingReliable=!0,o.checked=!0,t.noCloneChecked=o.cloneNode(!0).checked,s.disabled=!0,t.optDisabled=!u.disabled;try{delete d.test}catch(h){t.deleteExpando=!1}o=a.createElement("input"),o.setAttribute("value",""),t.input=""===o.getAttribute("value"),o.value="t",o.setAttribute("type","radio"),t.radioValue="t"===o.value,o.setAttribute("checked","t"),o.setAttribute("name","t"),l=a.createDocumentFragment(),l.appendChild(o),t.appendChecked=o.checked,t.checkClone=l.cloneNode(!0).cloneNode(!0).lastChild.checked,d.attachEvent&&(d.attachEvent("onclick",function(){t.noCloneEvent=!1}),d.cloneNode(!0).click());for(f in{submit:!0,change:!0,focusin:!0})d.setAttribute(c="on"+f,"t"),t[f+"Bubbles"]=c in e||d.attributes[c].expando===!1;d.style.backgroundClip="content-box",d.cloneNode(!0).style.backgroundClip="",t.clearCloneStyle="content-box"===d.style.backgroundClip;for(f in x(t))break;return t.ownLast="0"!==f,x(function(){var n,r,o,s="padding:0;margin:0;border:0;display:block;box-sizing:content-box;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;",l=a.getElementsByTagName("body")[0];l&&(n=a.createElement("div"),n.style.cssText="border:0;width:0;height:0;position:absolute;top:0;left:-9999px;margin-top:1px",l.appendChild(n).appendChild(d),d.innerHTML="<table><tr><td></td><td>t</td></tr></table>",o=d.getElementsByTagName("td"),o[0].style.cssText="padding:0;margin:0;border:0;display:none",p=0===o[0].offsetHeight,o[0].style.display="",o[1].style.display="none",t.reliableHiddenOffsets=p&&0===o[0].offsetHeight,d.innerHTML="",d.style.cssText="box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;padding:1px;border:1px;display:block;width:4px;margin-top:1%;position:absolute;top:1%;",x.swap(l,null!=l.style.zoom?{zoom:1}:{},function(){t.boxSizing=4===d.offsetWidth}),e.getComputedStyle&&(t.pixelPosition="1%"!==(e.getComputedStyle(d,null)||{}).top,t.boxSizingReliable="4px"===(e.getComputedStyle(d,null)||{width:"4px"}).width,r=d.appendChild(a.createElement("div")),r.style.cssText=d.style.cssText=s,r.style.marginRight=r.style.width="0",d.style.width="1px",t.reliableMarginRight=!parseFloat((e.getComputedStyle(r,null)||{}).marginRight)),typeof d.style.zoom!==i&&(d.innerHTML="",d.style.cssText=s+"width:1px;padding:1px;display:inline;zoom:1",t.inlineBlockNeedsLayout=3===d.offsetWidth,d.style.display="block",d.innerHTML="<div></div>",d.firstChild.style.width="5px",t.shrinkWrapBlocks=3!==d.offsetWidth,t.inlineBlockNeedsLayout&&(l.style.zoom=1)),l.removeChild(n),n=d=o=r=null)}),n=s=l=u=r=o=null,t
-}({});var B=/(?:\{[\s\S]*\}|\[[\s\S]*\])$/,P=/([A-Z])/g;function R(e,n,r,i){if(x.acceptData(e)){var o,a,s=x.expando,l=e.nodeType,u=l?x.cache:e,c=l?e[s]:e[s]&&s;if(c&&u[c]&&(i||u[c].data)||r!==t||"string"!=typeof n)return c||(c=l?e[s]=p.pop()||x.guid++:s),u[c]||(u[c]=l?{}:{toJSON:x.noop}),("object"==typeof n||"function"==typeof n)&&(i?u[c]=x.extend(u[c],n):u[c].data=x.extend(u[c].data,n)),a=u[c],i||(a.data||(a.data={}),a=a.data),r!==t&&(a[x.camelCase(n)]=r),"string"==typeof n?(o=a[n],null==o&&(o=a[x.camelCase(n)])):o=a,o}}function W(e,t,n){if(x.acceptData(e)){var r,i,o=e.nodeType,a=o?x.cache:e,s=o?e[x.expando]:x.expando;if(a[s]){if(t&&(r=n?a[s]:a[s].data)){x.isArray(t)?t=t.concat(x.map(t,x.camelCase)):t in r?t=[t]:(t=x.camelCase(t),t=t in r?[t]:t.split(" ")),i=t.length;while(i--)delete r[t[i]];if(n?!I(r):!x.isEmptyObject(r))return}(n||(delete a[s].data,I(a[s])))&&(o?x.cleanData([e],!0):x.support.deleteExpando||a!=a.window?delete a[s]:a[s]=null)}}}x.extend({cache:{},noData:{applet:!0,embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"},hasData:function(e){return e=e.nodeType?x.cache[e[x.expando]]:e[x.expando],!!e&&!I(e)},data:function(e,t,n){return R(e,t,n)},removeData:function(e,t){return W(e,t)},_data:function(e,t,n){return R(e,t,n,!0)},_removeData:function(e,t){return W(e,t,!0)},acceptData:function(e){if(e.nodeType&&1!==e.nodeType&&9!==e.nodeType)return!1;var t=e.nodeName&&x.noData[e.nodeName.toLowerCase()];return!t||t!==!0&&e.getAttribute("classid")===t}}),x.fn.extend({data:function(e,n){var r,i,o=null,a=0,s=this[0];if(e===t){if(this.length&&(o=x.data(s),1===s.nodeType&&!x._data(s,"parsedAttrs"))){for(r=s.attributes;r.length>a;a++)i=r[a].name,0===i.indexOf("data-")&&(i=x.camelCase(i.slice(5)),$(s,i,o[i]));x._data(s,"parsedAttrs",!0)}return o}return"object"==typeof e?this.each(function(){x.data(this,e)}):arguments.length>1?this.each(function(){x.data(this,e,n)}):s?$(s,e,x.data(s,e)):null},removeData:function(e){return this.each(function(){x.removeData(this,e)})}});function $(e,n,r){if(r===t&&1===e.nodeType){var i="data-"+n.replace(P,"-$1").toLowerCase();if(r=e.getAttribute(i),"string"==typeof r){try{r="true"===r?!0:"false"===r?!1:"null"===r?null:+r+""===r?+r:B.test(r)?x.parseJSON(r):r}catch(o){}x.data(e,n,r)}else r=t}return r}function I(e){var t;for(t in e)if(("data"!==t||!x.isEmptyObject(e[t]))&&"toJSON"!==t)return!1;return!0}x.extend({queue:function(e,n,r){var i;return e?(n=(n||"fx")+"queue",i=x._data(e,n),r&&(!i||x.isArray(r)?i=x._data(e,n,x.makeArray(r)):i.push(r)),i||[]):t},dequeue:function(e,t){t=t||"fx";var n=x.queue(e,t),r=n.length,i=n.shift(),o=x._queueHooks(e,t),a=function(){x.dequeue(e,t)};"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,a,o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return x._data(e,n)||x._data(e,n,{empty:x.Callbacks("once memory").add(function(){x._removeData(e,t+"queue"),x._removeData(e,n)})})}}),x.fn.extend({queue:function(e,n){var r=2;return"string"!=typeof e&&(n=e,e="fx",r--),r>arguments.length?x.queue(this[0],e):n===t?this:this.each(function(){var t=x.queue(this,e,n);x._queueHooks(this,e),"fx"===e&&"inprogress"!==t[0]&&x.dequeue(this,e)})},dequeue:function(e){return this.each(function(){x.dequeue(this,e)})},delay:function(e,t){return e=x.fx?x.fx.speeds[e]||e:e,t=t||"fx",this.queue(t,function(t,n){var r=setTimeout(t,e);n.stop=function(){clearTimeout(r)}})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,n){var r,i=1,o=x.Deferred(),a=this,s=this.length,l=function(){--i||o.resolveWith(a,[a])};"string"!=typeof e&&(n=e,e=t),e=e||"fx";while(s--)r=x._data(a[s],e+"queueHooks"),r&&r.empty&&(i++,r.empty.add(l));return l(),o.promise(n)}});var z,X,U=/[\t\r\n\f]/g,V=/\r/g,Y=/^(?:input|select|textarea|button|object)$/i,J=/^(?:a|area)$/i,G=/^(?:checked|selected)$/i,Q=x.support.getSetAttribute,K=x.support.input;x.fn.extend({attr:function(e,t){return x.access(this,x.attr,e,t,arguments.length>1)},removeAttr:function(e){return this.each(function(){x.removeAttr(this,e)})},prop:function(e,t){return x.access(this,x.prop,e,t,arguments.length>1)},removeProp:function(e){return e=x.propFix[e]||e,this.each(function(){try{this[e]=t,delete this[e]}catch(n){}})},addClass:function(e){var t,n,r,i,o,a=0,s=this.length,l="string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).addClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):" ")){o=0;while(i=t[o++])0>r.indexOf(" "+i+" ")&&(r+=i+" ");n.className=x.trim(r)}return this},removeClass:function(e){var t,n,r,i,o,a=0,s=this.length,l=0===arguments.length||"string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).removeClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):"")){o=0;while(i=t[o++])while(r.indexOf(" "+i+" ")>=0)r=r.replace(" "+i+" "," ");n.className=e?x.trim(r):""}return this},toggleClass:function(e,t){var n=typeof e;return"boolean"==typeof t&&"string"===n?t?this.addClass(e):this.removeClass(e):x.isFunction(e)?this.each(function(n){x(this).toggleClass(e.call(this,n,this.className,t),t)}):this.each(function(){if("string"===n){var t,r=0,o=x(this),a=e.match(T)||[];while(t=a[r++])o.hasClass(t)?o.removeClass(t):o.addClass(t)}else(n===i||"boolean"===n)&&(this.className&&x._data(this,"__className__",this.className),this.className=this.className||e===!1?"":x._data(this,"__className__")||"")})},hasClass:function(e){var t=" "+e+" ",n=0,r=this.length;for(;r>n;n++)if(1===this[n].nodeType&&(" "+this[n].className+" ").replace(U," ").indexOf(t)>=0)return!0;return!1},val:function(e){var n,r,i,o=this[0];{if(arguments.length)return i=x.isFunction(e),this.each(function(n){var o;1===this.nodeType&&(o=i?e.call(this,n,x(this).val()):e,null==o?o="":"number"==typeof o?o+="":x.isArray(o)&&(o=x.map(o,function(e){return null==e?"":e+""})),r=x.valHooks[this.type]||x.valHooks[this.nodeName.toLowerCase()],r&&"set"in r&&r.set(this,o,"value")!==t||(this.value=o))});if(o)return r=x.valHooks[o.type]||x.valHooks[o.nodeName.toLowerCase()],r&&"get"in r&&(n=r.get(o,"value"))!==t?n:(n=o.value,"string"==typeof n?n.replace(V,""):null==n?"":n)}}}),x.extend({valHooks:{option:{get:function(e){var t=x.find.attr(e,"value");return null!=t?t:e.text}},select:{get:function(e){var t,n,r=e.options,i=e.selectedIndex,o="select-one"===e.type||0>i,a=o?null:[],s=o?i+1:r.length,l=0>i?s:o?i:0;for(;s>l;l++)if(n=r[l],!(!n.selected&&l!==i||(x.support.optDisabled?n.disabled:null!==n.getAttribute("disabled"))||n.parentNode.disabled&&x.nodeName(n.parentNode,"optgroup"))){if(t=x(n).val(),o)return t;a.push(t)}return a},set:function(e,t){var n,r,i=e.options,o=x.makeArray(t),a=i.length;while(a--)r=i[a],(r.selected=x.inArray(x(r).val(),o)>=0)&&(n=!0);return n||(e.selectedIndex=-1),o}}},attr:function(e,n,r){var o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return typeof e.getAttribute===i?x.prop(e,n,r):(1===s&&x.isXMLDoc(e)||(n=n.toLowerCase(),o=x.attrHooks[n]||(x.expr.match.bool.test(n)?X:z)),r===t?o&&"get"in o&&null!==(a=o.get(e,n))?a:(a=x.find.attr(e,n),null==a?t:a):null!==r?o&&"set"in o&&(a=o.set(e,r,n))!==t?a:(e.setAttribute(n,r+""),r):(x.removeAttr(e,n),t))},removeAttr:function(e,t){var n,r,i=0,o=t&&t.match(T);if(o&&1===e.nodeType)while(n=o[i++])r=x.propFix[n]||n,x.expr.match.bool.test(n)?K&&Q||!G.test(n)?e[r]=!1:e[x.camelCase("default-"+n)]=e[r]=!1:x.attr(e,n,""),e.removeAttribute(Q?n:r)},attrHooks:{type:{set:function(e,t){if(!x.support.radioValue&&"radio"===t&&x.nodeName(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},propFix:{"for":"htmlFor","class":"className"},prop:function(e,n,r){var i,o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return a=1!==s||!x.isXMLDoc(e),a&&(n=x.propFix[n]||n,o=x.propHooks[n]),r!==t?o&&"set"in o&&(i=o.set(e,r,n))!==t?i:e[n]=r:o&&"get"in o&&null!==(i=o.get(e,n))?i:e[n]},propHooks:{tabIndex:{get:function(e){var t=x.find.attr(e,"tabindex");return t?parseInt(t,10):Y.test(e.nodeName)||J.test(e.nodeName)&&e.href?0:-1}}}}),X={set:function(e,t,n){return t===!1?x.removeAttr(e,n):K&&Q||!G.test(n)?e.setAttribute(!Q&&x.propFix[n]||n,n):e[x.camelCase("default-"+n)]=e[n]=!0,n}},x.each(x.expr.match.bool.source.match(/\w+/g),function(e,n){var r=x.expr.attrHandle[n]||x.find.attr;x.expr.attrHandle[n]=K&&Q||!G.test(n)?function(e,n,i){var o=x.expr.attrHandle[n],a=i?t:(x.expr.attrHandle[n]=t)!=r(e,n,i)?n.toLowerCase():null;return x.expr.attrHandle[n]=o,a}:function(e,n,r){return r?t:e[x.camelCase("default-"+n)]?n.toLowerCase():null}}),K&&Q||(x.attrHooks.value={set:function(e,n,r){return x.nodeName(e,"input")?(e.defaultValue=n,t):z&&z.set(e,n,r)}}),Q||(z={set:function(e,n,r){var i=e.getAttributeNode(r);return i||e.setAttributeNode(i=e.ownerDocument.createAttribute(r)),i.value=n+="","value"===r||n===e.getAttribute(r)?n:t}},x.expr.attrHandle.id=x.expr.attrHandle.name=x.expr.attrHandle.coords=function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&""!==i.value?i.value:null},x.valHooks.button={get:function(e,n){var r=e.getAttributeNode(n);return r&&r.specified?r.value:t},set:z.set},x.attrHooks.contenteditable={set:function(e,t,n){z.set(e,""===t?!1:t,n)}},x.each(["width","height"],function(e,n){x.attrHooks[n]={set:function(e,r){return""===r?(e.setAttribute(n,"auto"),r):t}}})),x.support.hrefNormalized||x.each(["href","src"],function(e,t){x.propHooks[t]={get:function(e){return e.getAttribute(t,4)}}}),x.support.style||(x.attrHooks.style={get:function(e){return e.style.cssText||t},set:function(e,t){return e.style.cssText=t+""}}),x.support.optSelected||(x.propHooks.selected={get:function(e){var t=e.parentNode;return t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex),null}}),x.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){x.propFix[this.toLowerCase()]=this}),x.support.enctype||(x.propFix.enctype="encoding"),x.each(["radio","checkbox"],function(){x.valHooks[this]={set:function(e,n){return x.isArray(n)?e.checked=x.inArray(x(e).val(),n)>=0:t}},x.support.checkOn||(x.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})});var Z=/^(?:input|select|textarea)$/i,et=/^key/,tt=/^(?:mouse|contextmenu)|click/,nt=/^(?:focusinfocus|focusoutblur)$/,rt=/^([^.]*)(?:\.(.+)|)$/;function it(){return!0}function ot(){return!1}function at(){try{return a.activeElement}catch(e){}}x.event={global:{},add:function(e,n,r,o,a){var s,l,u,c,p,f,d,h,g,m,y,v=x._data(e);if(v){r.handler&&(c=r,r=c.handler,a=c.selector),r.guid||(r.guid=x.guid++),(l=v.events)||(l=v.events={}),(f=v.handle)||(f=v.handle=function(e){return typeof x===i||e&&x.event.triggered===e.type?t:x.event.dispatch.apply(f.elem,arguments)},f.elem=e),n=(n||"").match(T)||[""],u=n.length;while(u--)s=rt.exec(n[u])||[],g=y=s[1],m=(s[2]||"").split(".").sort(),g&&(p=x.event.special[g]||{},g=(a?p.delegateType:p.bindType)||g,p=x.event.special[g]||{},d=x.extend({type:g,origType:y,data:o,handler:r,guid:r.guid,selector:a,needsContext:a&&x.expr.match.needsContext.test(a),namespace:m.join(".")},c),(h=l[g])||(h=l[g]=[],h.delegateCount=0,p.setup&&p.setup.call(e,o,m,f)!==!1||(e.addEventListener?e.addEventListener(g,f,!1):e.attachEvent&&e.attachEvent("on"+g,f))),p.add&&(p.add.call(e,d),d.handler.guid||(d.handler.guid=r.guid)),a?h.splice(h.delegateCount++,0,d):h.push(d),x.event.global[g]=!0);e=null}},remove:function(e,t,n,r,i){var o,a,s,l,u,c,p,f,d,h,g,m=x.hasData(e)&&x._data(e);if(m&&(c=m.events)){t=(t||"").match(T)||[""],u=t.length;while(u--)if(s=rt.exec(t[u])||[],d=g=s[1],h=(s[2]||"").split(".").sort(),d){p=x.event.special[d]||{},d=(r?p.delegateType:p.bindType)||d,f=c[d]||[],s=s[2]&&RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),l=o=f.length;while(o--)a=f[o],!i&&g!==a.origType||n&&n.guid!==a.guid||s&&!s.test(a.namespace)||r&&r!==a.selector&&("**"!==r||!a.selector)||(f.splice(o,1),a.selector&&f.delegateCount--,p.remove&&p.remove.call(e,a));l&&!f.length&&(p.teardown&&p.teardown.call(e,h,m.handle)!==!1||x.removeEvent(e,d,m.handle),delete c[d])}else for(d in c)x.event.remove(e,d+t[u],n,r,!0);x.isEmptyObject(c)&&(delete m.handle,x._removeData(e,"events"))}},trigger:function(n,r,i,o){var s,l,u,c,p,f,d,h=[i||a],g=v.call(n,"type")?n.type:n,m=v.call(n,"namespace")?n.namespace.split("."):[];if(u=f=i=i||a,3!==i.nodeType&&8!==i.nodeType&&!nt.test(g+x.event.triggered)&&(g.indexOf(".")>=0&&(m=g.split("."),g=m.shift(),m.sort()),l=0>g.indexOf(":")&&"on"+g,n=n[x.expando]?n:new x.Event(g,"object"==typeof n&&n),n.isTrigger=o?2:3,n.namespace=m.join("."),n.namespace_re=n.namespace?RegExp("(^|\\.)"+m.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,n.result=t,n.target||(n.target=i),r=null==r?[n]:x.makeArray(r,[n]),p=x.event.special[g]||{},o||!p.trigger||p.trigger.apply(i,r)!==!1)){if(!o&&!p.noBubble&&!x.isWindow(i)){for(c=p.delegateType||g,nt.test(c+g)||(u=u.parentNode);u;u=u.parentNode)h.push(u),f=u;f===(i.ownerDocument||a)&&h.push(f.defaultView||f.parentWindow||e)}d=0;while((u=h[d++])&&!n.isPropagationStopped())n.type=d>1?c:p.bindType||g,s=(x._data(u,"events")||{})[n.type]&&x._data(u,"handle"),s&&s.apply(u,r),s=l&&u[l],s&&x.acceptData(u)&&s.apply&&s.apply(u,r)===!1&&n.preventDefault();if(n.type=g,!o&&!n.isDefaultPrevented()&&(!p._default||p._default.apply(h.pop(),r)===!1)&&x.acceptData(i)&&l&&i[g]&&!x.isWindow(i)){f=i[l],f&&(i[l]=null),x.event.triggered=g;try{i[g]()}catch(y){}x.event.triggered=t,f&&(i[l]=f)}return n.result}},dispatch:function(e){e=x.event.fix(e);var n,r,i,o,a,s=[],l=g.call(arguments),u=(x._data(this,"events")||{})[e.type]||[],c=x.event.special[e.type]||{};if(l[0]=e,e.delegateTarget=this,!c.preDispatch||c.preDispatch.call(this,e)!==!1){s=x.event.handlers.call(this,e,u),n=0;while((o=s[n++])&&!e.isPropagationStopped()){e.currentTarget=o.elem,a=0;while((i=o.handlers[a++])&&!e.isImmediatePropagationStopped())(!e.namespace_re||e.namespace_re.test(i.namespace))&&(e.handleObj=i,e.data=i.data,r=((x.event.special[i.origType]||{}).handle||i.handler).apply(o.elem,l),r!==t&&(e.result=r)===!1&&(e.preventDefault(),e.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,e),e.result}},handlers:function(e,n){var r,i,o,a,s=[],l=n.delegateCount,u=e.target;if(l&&u.nodeType&&(!e.button||"click"!==e.type))for(;u!=this;u=u.parentNode||this)if(1===u.nodeType&&(u.disabled!==!0||"click"!==e.type)){for(o=[],a=0;l>a;a++)i=n[a],r=i.selector+" ",o[r]===t&&(o[r]=i.needsContext?x(r,this).index(u)>=0:x.find(r,this,null,[u]).length),o[r]&&o.push(i);o.length&&s.push({elem:u,handlers:o})}return n.length>l&&s.push({elem:this,handlers:n.slice(l)}),s},fix:function(e){if(e[x.expando])return e;var t,n,r,i=e.type,o=e,s=this.fixHooks[i];s||(this.fixHooks[i]=s=tt.test(i)?this.mouseHooks:et.test(i)?this.keyHooks:{}),r=s.props?this.props.concat(s.props):this.props,e=new x.Event(o),t=r.length;while(t--)n=r[t],e[n]=o[n];return e.target||(e.target=o.srcElement||a),3===e.target.nodeType&&(e.target=e.target.parentNode),e.metaKey=!!e.metaKey,s.filter?s.filter(e,o):e},props:"altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(e,t){return null==e.which&&(e.which=null!=t.charCode?t.charCode:t.keyCode),e}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(e,n){var r,i,o,s=n.button,l=n.fromElement;return null==e.pageX&&null!=n.clientX&&(i=e.target.ownerDocument||a,o=i.documentElement,r=i.body,e.pageX=n.clientX+(o&&o.scrollLeft||r&&r.scrollLeft||0)-(o&&o.clientLeft||r&&r.clientLeft||0),e.pageY=n.clientY+(o&&o.scrollTop||r&&r.scrollTop||0)-(o&&o.clientTop||r&&r.clientTop||0)),!e.relatedTarget&&l&&(e.relatedTarget=l===e.target?n.toElement:l),e.which||s===t||(e.which=1&s?1:2&s?3:4&s?2:0),e}},special:{load:{noBubble:!0},focus:{trigger:function(){if(this!==at()&&this.focus)try{return this.focus(),!1}catch(e){}},delegateType:"focusin"},blur:{trigger:function(){return this===at()&&this.blur?(this.blur(),!1):t},delegateType:"focusout"},click:{trigger:function(){return x.nodeName(this,"input")&&"checkbox"===this.type&&this.click?(this.click(),!1):t},_default:function(e){return x.nodeName(e.target,"a")}},beforeunload:{postDispatch:function(e){e.result!==t&&(e.originalEvent.returnValue=e.result)}}},simulate:function(e,t,n,r){var i=x.extend(new x.Event,n,{type:e,isSimulated:!0,originalEvent:{}});r?x.event.trigger(i,null,t):x.event.dispatch.call(t,i),i.isDefaultPrevented()&&n.preventDefault()}},x.removeEvent=a.removeEventListener?function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n,!1)}:function(e,t,n){var r="on"+t;e.detachEvent&&(typeof e[r]===i&&(e[r]=null),e.detachEvent(r,n))},x.Event=function(e,n){return this instanceof x.Event?(e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||e.returnValue===!1||e.getPreventDefault&&e.getPreventDefault()?it:ot):this.type=e,n&&x.extend(this,n),this.timeStamp=e&&e.timeStamp||x.now(),this[x.expando]=!0,t):new x.Event(e,n)},x.Event.prototype={isDefaultPrevented:ot,isPropagationStopped:ot,isImmediatePropagationStopped:ot,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=it,e&&(e.preventDefault?e.preventDefault():e.returnValue=!1)},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=it,e&&(e.stopPropagation&&e.stopPropagation(),e.cancelBubble=!0)},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=it,this.stopPropagation()}},x.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(e,t){x.event.special[e]={delegateType:t,bindType:t,handle:function(e){var n,r=this,i=e.relatedTarget,o=e.handleObj;return(!i||i!==r&&!x.contains(r,i))&&(e.type=o.origType,n=o.handler.apply(this,arguments),e.type=t),n}}}),x.support.submitBubbles||(x.event.special.submit={setup:function(){return x.nodeName(this,"form")?!1:(x.event.add(this,"click._submit keypress._submit",function(e){var n=e.target,r=x.nodeName(n,"input")||x.nodeName(n,"button")?n.form:t;r&&!x._data(r,"submitBubbles")&&(x.event.add(r,"submit._submit",function(e){e._submit_bubble=!0}),x._data(r,"submitBubbles",!0))}),t)},postDispatch:function(e){e._submit_bubble&&(delete e._submit_bubble,this.parentNode&&!e.isTrigger&&x.event.simulate("submit",this.parentNode,e,!0))},teardown:function(){return x.nodeName(this,"form")?!1:(x.event.remove(this,"._submit"),t)}}),x.support.changeBubbles||(x.event.special.change={setup:function(){return Z.test(this.nodeName)?(("checkbox"===this.type||"radio"===this.type)&&(x.event.add(this,"propertychange._change",function(e){"checked"===e.originalEvent.propertyName&&(this._just_changed=!0)}),x.event.add(this,"click._change",function(e){this._just_changed&&!e.isTrigger&&(this._just_changed=!1),x.event.simulate("change",this,e,!0)})),!1):(x.event.add(this,"beforeactivate._change",function(e){var t=e.target;Z.test(t.nodeName)&&!x._data(t,"changeBubbles")&&(x.event.add(t,"change._change",function(e){!this.parentNode||e.isSimulated||e.isTrigger||x.event.simulate("change",this.parentNode,e,!0)}),x._data(t,"changeBubbles",!0))}),t)},handle:function(e){var n=e.target;return this!==n||e.isSimulated||e.isTrigger||"radio"!==n.type&&"checkbox"!==n.type?e.handleObj.handler.apply(this,arguments):t},teardown:function(){return x.event.remove(this,"._change"),!Z.test(this.nodeName)}}),x.support.focusinBubbles||x.each({focus:"focusin",blur:"focusout"},function(e,t){var n=0,r=function(e){x.event.simulate(t,e.target,x.event.fix(e),!0)};x.event.special[t]={setup:function(){0===n++&&a.addEventListener(e,r,!0)},teardown:function(){0===--n&&a.removeEventListener(e,r,!0)}}}),x.fn.extend({on:function(e,n,r,i,o){var a,s;if("object"==typeof e){"string"!=typeof n&&(r=r||n,n=t);for(a in e)this.on(a,n,r,e[a],o);return this}if(null==r&&null==i?(i=n,r=n=t):null==i&&("string"==typeof n?(i=r,r=t):(i=r,r=n,n=t)),i===!1)i=ot;else if(!i)return this;return 1===o&&(s=i,i=function(e){return x().off(e),s.apply(this,arguments)},i.guid=s.guid||(s.guid=x.guid++)),this.each(function(){x.event.add(this,e,i,r,n)})},one:function(e,t,n,r){return this.on(e,t,n,r,1)},off:function(e,n,r){var i,o;if(e&&e.preventDefault&&e.handleObj)return i=e.handleObj,x(e.delegateTarget).off(i.namespace?i.origType+"."+i.namespace:i.origType,i.selector,i.handler),this;if("object"==typeof e){for(o in e)this.off(o,n,e[o]);return this}return(n===!1||"function"==typeof n)&&(r=n,n=t),r===!1&&(r=ot),this.each(function(){x.event.remove(this,e,r,n)})},trigger:function(e,t){return this.each(function(){x.event.trigger(e,t,this)})},triggerHandler:function(e,n){var r=this[0];return r?x.event.trigger(e,n,r,!0):t}});var st=/^.[^:#\[\.,]*$/,lt=/^(?:parents|prev(?:Until|All))/,ut=x.expr.match.needsContext,ct={children:!0,contents:!0,next:!0,prev:!0};x.fn.extend({find:function(e){var t,n=[],r=this,i=r.length;if("string"!=typeof e)return this.pushStack(x(e).filter(function(){for(t=0;i>t;t++)if(x.contains(r[t],this))return!0}));for(t=0;i>t;t++)x.find(e,r[t],n);return n=this.pushStack(i>1?x.unique(n):n),n.selector=this.selector?this.selector+" "+e:e,n},has:function(e){var t,n=x(e,this),r=n.length;return this.filter(function(){for(t=0;r>t;t++)if(x.contains(this,n[t]))return!0})},not:function(e){return this.pushStack(ft(this,e||[],!0))},filter:function(e){return this.pushStack(ft(this,e||[],!1))},is:function(e){return!!ft(this,"string"==typeof e&&ut.test(e)?x(e):e||[],!1).length},closest:function(e,t){var n,r=0,i=this.length,o=[],a=ut.test(e)||"string"!=typeof e?x(e,t||this.context):0;for(;i>r;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(11>n.nodeType&&(a?a.index(n)>-1:1===n.nodeType&&x.find.matchesSelector(n,e))){n=o.push(n);break}return this.pushStack(o.length>1?x.unique(o):o)},index:function(e){return e?"string"==typeof e?x.inArray(this[0],x(e)):x.inArray(e.jquery?e[0]:e,this):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){var n="string"==typeof e?x(e,t):x.makeArray(e&&e.nodeType?[e]:e),r=x.merge(this.get(),n);return this.pushStack(x.unique(r))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}});function pt(e,t){do e=e[t];while(e&&1!==e.nodeType);return e}x.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return x.dir(e,"parentNode")},parentsUntil:function(e,t,n){return x.dir(e,"parentNode",n)},next:function(e){return pt(e,"nextSibling")},prev:function(e){return pt(e,"previousSibling")},nextAll:function(e){return x.dir(e,"nextSibling")},prevAll:function(e){return x.dir(e,"previousSibling")},nextUntil:function(e,t,n){return x.dir(e,"nextSibling",n)},prevUntil:function(e,t,n){return x.dir(e,"previousSibling",n)},siblings:function(e){return x.sibling((e.parentNode||{}).firstChild,e)},children:function(e){return x.sibling(e.firstChild)},contents:function(e){return x.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:x.merge([],e.childNodes)}},function(e,t){x.fn[e]=function(n,r){var i=x.map(this,t,n);return"Until"!==e.slice(-5)&&(r=n),r&&"string"==typeof r&&(i=x.filter(r,i)),this.length>1&&(ct[e]||(i=x.unique(i)),lt.test(e)&&(i=i.reverse())),this.pushStack(i)}}),x.extend({filter:function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?x.find.matchesSelector(r,e)?[r]:[]:x.find.matches(e,x.grep(t,function(e){return 1===e.nodeType}))},dir:function(e,n,r){var i=[],o=e[n];while(o&&9!==o.nodeType&&(r===t||1!==o.nodeType||!x(o).is(r)))1===o.nodeType&&i.push(o),o=o[n];return i},sibling:function(e,t){var n=[];for(;e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n}});function ft(e,t,n){if(x.isFunction(t))return x.grep(e,function(e,r){return!!t.call(e,r,e)!==n});if(t.nodeType)return x.grep(e,function(e){return e===t!==n});if("string"==typeof t){if(st.test(t))return x.filter(t,e,n);t=x.filter(t,e)}return x.grep(e,function(e){return x.inArray(e,t)>=0!==n})}function dt(e){var t=ht.split("|"),n=e.createDocumentFragment();if(n.createElement)while(t.length)n.createElement(t.pop());return n}var ht="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",gt=/ jQuery\d+="(?:null|\d+)"/g,mt=RegExp("<(?:"+ht+")[\\s/>]","i"),yt=/^\s+/,vt=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,bt=/<([\w:]+)/,xt=/<tbody/i,wt=/<|&#?\w+;/,Tt=/<(?:script|style|link)/i,Ct=/^(?:checkbox|radio)$/i,Nt=/checked\s*(?:[^=]|=\s*.checked.)/i,kt=/^$|\/(?:java|ecma)script/i,Et=/^true\/(.*)/,St=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g,At={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],area:[1,"<map>","</map>"],param:[1,"<object>","</object>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:x.support.htmlSerialize?[0,"",""]:[1,"X<div>","</div>"]},jt=dt(a),Dt=jt.appendChild(a.createElement("div"));At.optgroup=At.option,At.tbody=At.tfoot=At.colgroup=At.caption=At.thead,At.th=At.td,x.fn.extend({text:function(e){return x.access(this,function(e){return e===t?x.text(this):this.empty().append((this[0]&&this[0].ownerDocument||a).createTextNode(e))},null,e,arguments.length)},append:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.appendChild(e)}})},prepend:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},remove:function(e,t){var n,r=e?x.filter(e,this):this,i=0;for(;null!=(n=r[i]);i++)t||1!==n.nodeType||x.cleanData(Ft(n)),n.parentNode&&(t&&x.contains(n.ownerDocument,n)&&_t(Ft(n,"script")),n.parentNode.removeChild(n));return this},empty:function(){var e,t=0;for(;null!=(e=this[t]);t++){1===e.nodeType&&x.cleanData(Ft(e,!1));while(e.firstChild)e.removeChild(e.firstChild);e.options&&x.nodeName(e,"select")&&(e.options.length=0)}return this},clone:function(e,t){return e=null==e?!1:e,t=null==t?e:t,this.map(function(){return x.clone(this,e,t)})},html:function(e){return x.access(this,function(e){var n=this[0]||{},r=0,i=this.length;if(e===t)return 1===n.nodeType?n.innerHTML.replace(gt,""):t;if(!("string"!=typeof e||Tt.test(e)||!x.support.htmlSerialize&&mt.test(e)||!x.support.leadingWhitespace&&yt.test(e)||At[(bt.exec(e)||["",""])[1].toLowerCase()])){e=e.replace(vt,"<$1></$2>");try{for(;i>r;r++)n=this[r]||{},1===n.nodeType&&(x.cleanData(Ft(n,!1)),n.innerHTML=e);n=0}catch(o){}}n&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var e=x.map(this,function(e){return[e.nextSibling,e.parentNode]}),t=0;return this.domManip(arguments,function(n){var r=e[t++],i=e[t++];i&&(r&&r.parentNode!==i&&(r=this.nextSibling),x(this).remove(),i.insertBefore(n,r))},!0),t?this:this.remove()},detach:function(e){return this.remove(e,!0)},domManip:function(e,t,n){e=d.apply([],e);var r,i,o,a,s,l,u=0,c=this.length,p=this,f=c-1,h=e[0],g=x.isFunction(h);if(g||!(1>=c||"string"!=typeof h||x.support.checkClone)&&Nt.test(h))return this.each(function(r){var i=p.eq(r);g&&(e[0]=h.call(this,r,i.html())),i.domManip(e,t,n)});if(c&&(l=x.buildFragment(e,this[0].ownerDocument,!1,!n&&this),r=l.firstChild,1===l.childNodes.length&&(l=r),r)){for(a=x.map(Ft(l,"script"),Ht),o=a.length;c>u;u++)i=l,u!==f&&(i=x.clone(i,!0,!0),o&&x.merge(a,Ft(i,"script"))),t.call(this[u],i,u);if(o)for(s=a[a.length-1].ownerDocument,x.map(a,qt),u=0;o>u;u++)i=a[u],kt.test(i.type||"")&&!x._data(i,"globalEval")&&x.contains(s,i)&&(i.src?x._evalUrl(i.src):x.globalEval((i.text||i.textContent||i.innerHTML||"").replace(St,"")));l=r=null}return this}});function Lt(e,t){return x.nodeName(e,"table")&&x.nodeName(1===t.nodeType?t:t.firstChild,"tr")?e.getElementsByTagName("tbody")[0]||e.appendChild(e.ownerDocument.createElement("tbody")):e}function Ht(e){return e.type=(null!==x.find.attr(e,"type"))+"/"+e.type,e}function qt(e){var t=Et.exec(e.type);return t?e.type=t[1]:e.removeAttribute("type"),e}function _t(e,t){var n,r=0;for(;null!=(n=e[r]);r++)x._data(n,"globalEval",!t||x._data(t[r],"globalEval"))}function Mt(e,t){if(1===t.nodeType&&x.hasData(e)){var n,r,i,o=x._data(e),a=x._data(t,o),s=o.events;if(s){delete a.handle,a.events={};for(n in s)for(r=0,i=s[n].length;i>r;r++)x.event.add(t,n,s[n][r])}a.data&&(a.data=x.extend({},a.data))}}function Ot(e,t){var n,r,i;if(1===t.nodeType){if(n=t.nodeName.toLowerCase(),!x.support.noCloneEvent&&t[x.expando]){i=x._data(t);for(r in i.events)x.removeEvent(t,r,i.handle);t.removeAttribute(x.expando)}"script"===n&&t.text!==e.text?(Ht(t).text=e.text,qt(t)):"object"===n?(t.parentNode&&(t.outerHTML=e.outerHTML),x.support.html5Clone&&e.innerHTML&&!x.trim(t.innerHTML)&&(t.innerHTML=e.innerHTML)):"input"===n&&Ct.test(e.type)?(t.defaultChecked=t.checked=e.checked,t.value!==e.value&&(t.value=e.value)):"option"===n?t.defaultSelected=t.selected=e.defaultSelected:("input"===n||"textarea"===n)&&(t.defaultValue=e.defaultValue)}}x.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,t){x.fn[e]=function(e){var n,r=0,i=[],o=x(e),a=o.length-1;for(;a>=r;r++)n=r===a?this:this.clone(!0),x(o[r])[t](n),h.apply(i,n.get());return this.pushStack(i)}});function Ft(e,n){var r,o,a=0,s=typeof e.getElementsByTagName!==i?e.getElementsByTagName(n||"*"):typeof e.querySelectorAll!==i?e.querySelectorAll(n||"*"):t;if(!s)for(s=[],r=e.childNodes||e;null!=(o=r[a]);a++)!n||x.nodeName(o,n)?s.push(o):x.merge(s,Ft(o,n));return n===t||n&&x.nodeName(e,n)?x.merge([e],s):s}function Bt(e){Ct.test(e.type)&&(e.defaultChecked=e.checked)}x.extend({clone:function(e,t,n){var r,i,o,a,s,l=x.contains(e.ownerDocument,e);if(x.support.html5Clone||x.isXMLDoc(e)||!mt.test("<"+e.nodeName+">")?o=e.cloneNode(!0):(Dt.innerHTML=e.outerHTML,Dt.removeChild(o=Dt.firstChild)),!(x.support.noCloneEvent&&x.support.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||x.isXMLDoc(e)))for(r=Ft(o),s=Ft(e),a=0;null!=(i=s[a]);++a)r[a]&&Ot(i,r[a]);if(t)if(n)for(s=s||Ft(e),r=r||Ft(o),a=0;null!=(i=s[a]);a++)Mt(i,r[a]);else Mt(e,o);return r=Ft(o,"script"),r.length>0&&_t(r,!l&&Ft(e,"script")),r=s=i=null,o},buildFragment:function(e,t,n,r){var i,o,a,s,l,u,c,p=e.length,f=dt(t),d=[],h=0;for(;p>h;h++)if(o=e[h],o||0===o)if("object"===x.type(o))x.merge(d,o.nodeType?[o]:o);else if(wt.test(o)){s=s||f.appendChild(t.createElement("div")),l=(bt.exec(o)||["",""])[1].toLowerCase(),c=At[l]||At._default,s.innerHTML=c[1]+o.replace(vt,"<$1></$2>")+c[2],i=c[0];while(i--)s=s.lastChild;if(!x.support.leadingWhitespace&&yt.test(o)&&d.push(t.createTextNode(yt.exec(o)[0])),!x.support.tbody){o="table"!==l||xt.test(o)?"<table>"!==c[1]||xt.test(o)?0:s:s.firstChild,i=o&&o.childNodes.length;while(i--)x.nodeName(u=o.childNodes[i],"tbody")&&!u.childNodes.length&&o.removeChild(u)}x.merge(d,s.childNodes),s.textContent="";while(s.firstChild)s.removeChild(s.firstChild);s=f.lastChild}else d.push(t.createTextNode(o));s&&f.removeChild(s),x.support.appendChecked||x.grep(Ft(d,"input"),Bt),h=0;while(o=d[h++])if((!r||-1===x.inArray(o,r))&&(a=x.contains(o.ownerDocument,o),s=Ft(f.appendChild(o),"script"),a&&_t(s),n)){i=0;while(o=s[i++])kt.test(o.type||"")&&n.push(o)}return s=null,f},cleanData:function(e,t){var n,r,o,a,s=0,l=x.expando,u=x.cache,c=x.support.deleteExpando,f=x.event.special;for(;null!=(n=e[s]);s++)if((t||x.acceptData(n))&&(o=n[l],a=o&&u[o])){if(a.events)for(r in a.events)f[r]?x.event.remove(n,r):x.removeEvent(n,r,a.handle);
-u[o]&&(delete u[o],c?delete n[l]:typeof n.removeAttribute!==i?n.removeAttribute(l):n[l]=null,p.push(o))}},_evalUrl:function(e){return x.ajax({url:e,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0})}}),x.fn.extend({wrapAll:function(e){if(x.isFunction(e))return this.each(function(t){x(this).wrapAll(e.call(this,t))});if(this[0]){var t=x(e,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstChild&&1===e.firstChild.nodeType)e=e.firstChild;return e}).append(this)}return this},wrapInner:function(e){return x.isFunction(e)?this.each(function(t){x(this).wrapInner(e.call(this,t))}):this.each(function(){var t=x(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)})},wrap:function(e){var t=x.isFunction(e);return this.each(function(n){x(this).wrapAll(t?e.call(this,n):e)})},unwrap:function(){return this.parent().each(function(){x.nodeName(this,"body")||x(this).replaceWith(this.childNodes)}).end()}});var Pt,Rt,Wt,$t=/alpha\([^)]*\)/i,It=/opacity\s*=\s*([^)]*)/,zt=/^(top|right|bottom|left)$/,Xt=/^(none|table(?!-c[ea]).+)/,Ut=/^margin/,Vt=RegExp("^("+w+")(.*)$","i"),Yt=RegExp("^("+w+")(?!px)[a-z%]+$","i"),Jt=RegExp("^([+-])=("+w+")","i"),Gt={BODY:"block"},Qt={position:"absolute",visibility:"hidden",display:"block"},Kt={letterSpacing:0,fontWeight:400},Zt=["Top","Right","Bottom","Left"],en=["Webkit","O","Moz","ms"];function tn(e,t){if(t in e)return t;var n=t.charAt(0).toUpperCase()+t.slice(1),r=t,i=en.length;while(i--)if(t=en[i]+n,t in e)return t;return r}function nn(e,t){return e=t||e,"none"===x.css(e,"display")||!x.contains(e.ownerDocument,e)}function rn(e,t){var n,r,i,o=[],a=0,s=e.length;for(;s>a;a++)r=e[a],r.style&&(o[a]=x._data(r,"olddisplay"),n=r.style.display,t?(o[a]||"none"!==n||(r.style.display=""),""===r.style.display&&nn(r)&&(o[a]=x._data(r,"olddisplay",ln(r.nodeName)))):o[a]||(i=nn(r),(n&&"none"!==n||!i)&&x._data(r,"olddisplay",i?n:x.css(r,"display"))));for(a=0;s>a;a++)r=e[a],r.style&&(t&&"none"!==r.style.display&&""!==r.style.display||(r.style.display=t?o[a]||"":"none"));return e}x.fn.extend({css:function(e,n){return x.access(this,function(e,n,r){var i,o,a={},s=0;if(x.isArray(n)){for(o=Rt(e),i=n.length;i>s;s++)a[n[s]]=x.css(e,n[s],!1,o);return a}return r!==t?x.style(e,n,r):x.css(e,n)},e,n,arguments.length>1)},show:function(){return rn(this,!0)},hide:function(){return rn(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){nn(this)?x(this).show():x(this).hide()})}}),x.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Wt(e,"opacity");return""===n?"1":n}}}},cssNumber:{columnCount:!0,fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":x.support.cssFloat?"cssFloat":"styleFloat"},style:function(e,n,r,i){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var o,a,s,l=x.camelCase(n),u=e.style;if(n=x.cssProps[l]||(x.cssProps[l]=tn(u,l)),s=x.cssHooks[n]||x.cssHooks[l],r===t)return s&&"get"in s&&(o=s.get(e,!1,i))!==t?o:u[n];if(a=typeof r,"string"===a&&(o=Jt.exec(r))&&(r=(o[1]+1)*o[2]+parseFloat(x.css(e,n)),a="number"),!(null==r||"number"===a&&isNaN(r)||("number"!==a||x.cssNumber[l]||(r+="px"),x.support.clearCloneStyle||""!==r||0!==n.indexOf("background")||(u[n]="inherit"),s&&"set"in s&&(r=s.set(e,r,i))===t)))try{u[n]=r}catch(c){}}},css:function(e,n,r,i){var o,a,s,l=x.camelCase(n);return n=x.cssProps[l]||(x.cssProps[l]=tn(e.style,l)),s=x.cssHooks[n]||x.cssHooks[l],s&&"get"in s&&(a=s.get(e,!0,r)),a===t&&(a=Wt(e,n,i)),"normal"===a&&n in Kt&&(a=Kt[n]),""===r||r?(o=parseFloat(a),r===!0||x.isNumeric(o)?o||0:a):a}}),e.getComputedStyle?(Rt=function(t){return e.getComputedStyle(t,null)},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s.getPropertyValue(n)||s[n]:t,u=e.style;return s&&(""!==l||x.contains(e.ownerDocument,e)||(l=x.style(e,n)),Yt.test(l)&&Ut.test(n)&&(i=u.width,o=u.minWidth,a=u.maxWidth,u.minWidth=u.maxWidth=u.width=l,l=s.width,u.width=i,u.minWidth=o,u.maxWidth=a)),l}):a.documentElement.currentStyle&&(Rt=function(e){return e.currentStyle},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s[n]:t,u=e.style;return null==l&&u&&u[n]&&(l=u[n]),Yt.test(l)&&!zt.test(n)&&(i=u.left,o=e.runtimeStyle,a=o&&o.left,a&&(o.left=e.currentStyle.left),u.left="fontSize"===n?"1em":l,l=u.pixelLeft+"px",u.left=i,a&&(o.left=a)),""===l?"auto":l});function on(e,t,n){var r=Vt.exec(t);return r?Math.max(0,r[1]-(n||0))+(r[2]||"px"):t}function an(e,t,n,r,i){var o=n===(r?"border":"content")?4:"width"===t?1:0,a=0;for(;4>o;o+=2)"margin"===n&&(a+=x.css(e,n+Zt[o],!0,i)),r?("content"===n&&(a-=x.css(e,"padding"+Zt[o],!0,i)),"margin"!==n&&(a-=x.css(e,"border"+Zt[o]+"Width",!0,i))):(a+=x.css(e,"padding"+Zt[o],!0,i),"padding"!==n&&(a+=x.css(e,"border"+Zt[o]+"Width",!0,i)));return a}function sn(e,t,n){var r=!0,i="width"===t?e.offsetWidth:e.offsetHeight,o=Rt(e),a=x.support.boxSizing&&"border-box"===x.css(e,"boxSizing",!1,o);if(0>=i||null==i){if(i=Wt(e,t,o),(0>i||null==i)&&(i=e.style[t]),Yt.test(i))return i;r=a&&(x.support.boxSizingReliable||i===e.style[t]),i=parseFloat(i)||0}return i+an(e,t,n||(a?"border":"content"),r,o)+"px"}function ln(e){var t=a,n=Gt[e];return n||(n=un(e,t),"none"!==n&&n||(Pt=(Pt||x("<iframe frameborder='0' width='0' height='0'/>").css("cssText","display:block !important")).appendTo(t.documentElement),t=(Pt[0].contentWindow||Pt[0].contentDocument).document,t.write("<!doctype html><html><body>"),t.close(),n=un(e,t),Pt.detach()),Gt[e]=n),n}function un(e,t){var n=x(t.createElement(e)).appendTo(t.body),r=x.css(n[0],"display");return n.remove(),r}x.each(["height","width"],function(e,n){x.cssHooks[n]={get:function(e,r,i){return r?0===e.offsetWidth&&Xt.test(x.css(e,"display"))?x.swap(e,Qt,function(){return sn(e,n,i)}):sn(e,n,i):t},set:function(e,t,r){var i=r&&Rt(e);return on(e,t,r?an(e,n,r,x.support.boxSizing&&"border-box"===x.css(e,"boxSizing",!1,i),i):0)}}}),x.support.opacity||(x.cssHooks.opacity={get:function(e,t){return It.test((t&&e.currentStyle?e.currentStyle.filter:e.style.filter)||"")?.01*parseFloat(RegExp.$1)+"":t?"1":""},set:function(e,t){var n=e.style,r=e.currentStyle,i=x.isNumeric(t)?"alpha(opacity="+100*t+")":"",o=r&&r.filter||n.filter||"";n.zoom=1,(t>=1||""===t)&&""===x.trim(o.replace($t,""))&&n.removeAttribute&&(n.removeAttribute("filter"),""===t||r&&!r.filter)||(n.filter=$t.test(o)?o.replace($t,i):o+" "+i)}}),x(function(){x.support.reliableMarginRight||(x.cssHooks.marginRight={get:function(e,n){return n?x.swap(e,{display:"inline-block"},Wt,[e,"marginRight"]):t}}),!x.support.pixelPosition&&x.fn.position&&x.each(["top","left"],function(e,n){x.cssHooks[n]={get:function(e,r){return r?(r=Wt(e,n),Yt.test(r)?x(e).position()[n]+"px":r):t}}})}),x.expr&&x.expr.filters&&(x.expr.filters.hidden=function(e){return 0>=e.offsetWidth&&0>=e.offsetHeight||!x.support.reliableHiddenOffsets&&"none"===(e.style&&e.style.display||x.css(e,"display"))},x.expr.filters.visible=function(e){return!x.expr.filters.hidden(e)}),x.each({margin:"",padding:"",border:"Width"},function(e,t){x.cssHooks[e+t]={expand:function(n){var r=0,i={},o="string"==typeof n?n.split(" "):[n];for(;4>r;r++)i[e+Zt[r]+t]=o[r]||o[r-2]||o[0];return i}},Ut.test(e)||(x.cssHooks[e+t].set=on)});var cn=/%20/g,pn=/\[\]$/,fn=/\r?\n/g,dn=/^(?:submit|button|image|reset|file)$/i,hn=/^(?:input|select|textarea|keygen)/i;x.fn.extend({serialize:function(){return x.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=x.prop(this,"elements");return e?x.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!x(this).is(":disabled")&&hn.test(this.nodeName)&&!dn.test(e)&&(this.checked||!Ct.test(e))}).map(function(e,t){var n=x(this).val();return null==n?null:x.isArray(n)?x.map(n,function(e){return{name:t.name,value:e.replace(fn,"\r\n")}}):{name:t.name,value:n.replace(fn,"\r\n")}}).get()}}),x.param=function(e,n){var r,i=[],o=function(e,t){t=x.isFunction(t)?t():null==t?"":t,i[i.length]=encodeURIComponent(e)+"="+encodeURIComponent(t)};if(n===t&&(n=x.ajaxSettings&&x.ajaxSettings.traditional),x.isArray(e)||e.jquery&&!x.isPlainObject(e))x.each(e,function(){o(this.name,this.value)});else for(r in e)gn(r,e[r],n,o);return i.join("&").replace(cn,"+")};function gn(e,t,n,r){var i;if(x.isArray(t))x.each(t,function(t,i){n||pn.test(e)?r(e,i):gn(e+"["+("object"==typeof i?t:"")+"]",i,n,r)});else if(n||"object"!==x.type(t))r(e,t);else for(i in t)gn(e+"["+i+"]",t[i],n,r)}x.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(e,t){x.fn[t]=function(e,n){return arguments.length>0?this.on(t,null,e,n):this.trigger(t)}}),x.fn.extend({hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)},bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)}});var mn,yn,vn=x.now(),bn=/\?/,xn=/#.*$/,wn=/([?&])_=[^&]*/,Tn=/^(.*?):[ \t]*([^\r\n]*)\r?$/gm,Cn=/^(?:about|app|app-storage|.+-extension|file|res|widget):$/,Nn=/^(?:GET|HEAD)$/,kn=/^\/\//,En=/^([\w.+-]+:)(?:\/\/([^\/?#:]*)(?::(\d+)|)|)/,Sn=x.fn.load,An={},jn={},Dn="*/".concat("*");try{yn=o.href}catch(Ln){yn=a.createElement("a"),yn.href="",yn=yn.href}mn=En.exec(yn.toLowerCase())||[];function Hn(e){return function(t,n){"string"!=typeof t&&(n=t,t="*");var r,i=0,o=t.toLowerCase().match(T)||[];if(x.isFunction(n))while(r=o[i++])"+"===r[0]?(r=r.slice(1)||"*",(e[r]=e[r]||[]).unshift(n)):(e[r]=e[r]||[]).push(n)}}function qn(e,n,r,i){var o={},a=e===jn;function s(l){var u;return o[l]=!0,x.each(e[l]||[],function(e,l){var c=l(n,r,i);return"string"!=typeof c||a||o[c]?a?!(u=c):t:(n.dataTypes.unshift(c),s(c),!1)}),u}return s(n.dataTypes[0])||!o["*"]&&s("*")}function _n(e,n){var r,i,o=x.ajaxSettings.flatOptions||{};for(i in n)n[i]!==t&&((o[i]?e:r||(r={}))[i]=n[i]);return r&&x.extend(!0,e,r),e}x.fn.load=function(e,n,r){if("string"!=typeof e&&Sn)return Sn.apply(this,arguments);var i,o,a,s=this,l=e.indexOf(" ");return l>=0&&(i=e.slice(l,e.length),e=e.slice(0,l)),x.isFunction(n)?(r=n,n=t):n&&"object"==typeof n&&(a="POST"),s.length>0&&x.ajax({url:e,type:a,dataType:"html",data:n}).done(function(e){o=arguments,s.html(i?x("<div>").append(x.parseHTML(e)).find(i):e)}).complete(r&&function(e,t){s.each(r,o||[e.responseText,t,e])}),this},x.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){x.fn[t]=function(e){return this.on(t,e)}}),x.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:yn,type:"GET",isLocal:Cn.test(mn[1]),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":Dn,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":x.parseJSON,"text xml":x.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?_n(_n(e,x.ajaxSettings),t):_n(x.ajaxSettings,e)},ajaxPrefilter:Hn(An),ajaxTransport:Hn(jn),ajax:function(e,n){"object"==typeof e&&(n=e,e=t),n=n||{};var r,i,o,a,s,l,u,c,p=x.ajaxSetup({},n),f=p.context||p,d=p.context&&(f.nodeType||f.jquery)?x(f):x.event,h=x.Deferred(),g=x.Callbacks("once memory"),m=p.statusCode||{},y={},v={},b=0,w="canceled",C={readyState:0,getResponseHeader:function(e){var t;if(2===b){if(!c){c={};while(t=Tn.exec(a))c[t[1].toLowerCase()]=t[2]}t=c[e.toLowerCase()]}return null==t?null:t},getAllResponseHeaders:function(){return 2===b?a:null},setRequestHeader:function(e,t){var n=e.toLowerCase();return b||(e=v[n]=v[n]||e,y[e]=t),this},overrideMimeType:function(e){return b||(p.mimeType=e),this},statusCode:function(e){var t;if(e)if(2>b)for(t in e)m[t]=[m[t],e[t]];else C.always(e[C.status]);return this},abort:function(e){var t=e||w;return u&&u.abort(t),k(0,t),this}};if(h.promise(C).complete=g.add,C.success=C.done,C.error=C.fail,p.url=((e||p.url||yn)+"").replace(xn,"").replace(kn,mn[1]+"//"),p.type=n.method||n.type||p.method||p.type,p.dataTypes=x.trim(p.dataType||"*").toLowerCase().match(T)||[""],null==p.crossDomain&&(r=En.exec(p.url.toLowerCase()),p.crossDomain=!(!r||r[1]===mn[1]&&r[2]===mn[2]&&(r[3]||("http:"===r[1]?"80":"443"))===(mn[3]||("http:"===mn[1]?"80":"443")))),p.data&&p.processData&&"string"!=typeof p.data&&(p.data=x.param(p.data,p.traditional)),qn(An,p,n,C),2===b)return C;l=p.global,l&&0===x.active++&&x.event.trigger("ajaxStart"),p.type=p.type.toUpperCase(),p.hasContent=!Nn.test(p.type),o=p.url,p.hasContent||(p.data&&(o=p.url+=(bn.test(o)?"&":"?")+p.data,delete p.data),p.cache===!1&&(p.url=wn.test(o)?o.replace(wn,"$1_="+vn++):o+(bn.test(o)?"&":"?")+"_="+vn++)),p.ifModified&&(x.lastModified[o]&&C.setRequestHeader("If-Modified-Since",x.lastModified[o]),x.etag[o]&&C.setRequestHeader("If-None-Match",x.etag[o])),(p.data&&p.hasContent&&p.contentType!==!1||n.contentType)&&C.setRequestHeader("Content-Type",p.contentType),C.setRequestHeader("Accept",p.dataTypes[0]&&p.accepts[p.dataTypes[0]]?p.accepts[p.dataTypes[0]]+("*"!==p.dataTypes[0]?", "+Dn+"; q=0.01":""):p.accepts["*"]);for(i in p.headers)C.setRequestHeader(i,p.headers[i]);if(p.beforeSend&&(p.beforeSend.call(f,C,p)===!1||2===b))return C.abort();w="abort";for(i in{success:1,error:1,complete:1})C[i](p[i]);if(u=qn(jn,p,n,C)){C.readyState=1,l&&d.trigger("ajaxSend",[C,p]),p.async&&p.timeout>0&&(s=setTimeout(function(){C.abort("timeout")},p.timeout));try{b=1,u.send(y,k)}catch(N){if(!(2>b))throw N;k(-1,N)}}else k(-1,"No Transport");function k(e,n,r,i){var c,y,v,w,T,N=n;2!==b&&(b=2,s&&clearTimeout(s),u=t,a=i||"",C.readyState=e>0?4:0,c=e>=200&&300>e||304===e,r&&(w=Mn(p,C,r)),w=On(p,w,C,c),c?(p.ifModified&&(T=C.getResponseHeader("Last-Modified"),T&&(x.lastModified[o]=T),T=C.getResponseHeader("etag"),T&&(x.etag[o]=T)),204===e||"HEAD"===p.type?N="nocontent":304===e?N="notmodified":(N=w.state,y=w.data,v=w.error,c=!v)):(v=N,(e||!N)&&(N="error",0>e&&(e=0))),C.status=e,C.statusText=(n||N)+"",c?h.resolveWith(f,[y,N,C]):h.rejectWith(f,[C,N,v]),C.statusCode(m),m=t,l&&d.trigger(c?"ajaxSuccess":"ajaxError",[C,p,c?y:v]),g.fireWith(f,[C,N]),l&&(d.trigger("ajaxComplete",[C,p]),--x.active||x.event.trigger("ajaxStop")))}return C},getJSON:function(e,t,n){return x.get(e,t,n,"json")},getScript:function(e,n){return x.get(e,t,n,"script")}}),x.each(["get","post"],function(e,n){x[n]=function(e,r,i,o){return x.isFunction(r)&&(o=o||i,i=r,r=t),x.ajax({url:e,type:n,dataType:o,data:r,success:i})}});function Mn(e,n,r){var i,o,a,s,l=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),o===t&&(o=e.mimeType||n.getResponseHeader("Content-Type"));if(o)for(s in l)if(l[s]&&l[s].test(o)){u.unshift(s);break}if(u[0]in r)a=u[0];else{for(s in r){if(!u[0]||e.converters[s+" "+u[0]]){a=s;break}i||(i=s)}a=a||i}return a?(a!==u[0]&&u.unshift(a),r[a]):t}function On(e,t,n,r){var i,o,a,s,l,u={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)u[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!l&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),l=o,o=c.shift())if("*"===o)o=l;else if("*"!==l&&l!==o){if(a=u[l+" "+o]||u["* "+o],!a)for(i in u)if(s=i.split(" "),s[1]===o&&(a=u[l+" "+s[0]]||u["* "+s[0]])){a===!0?a=u[i]:u[i]!==!0&&(o=s[0],c.unshift(s[1]));break}if(a!==!0)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(p){return{state:"parsererror",error:a?p:"No conversion from "+l+" to "+o}}}return{state:"success",data:t}}x.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/(?:java|ecma)script/},converters:{"text script":function(e){return x.globalEval(e),e}}}),x.ajaxPrefilter("script",function(e){e.cache===t&&(e.cache=!1),e.crossDomain&&(e.type="GET",e.global=!1)}),x.ajaxTransport("script",function(e){if(e.crossDomain){var n,r=a.head||x("head")[0]||a.documentElement;return{send:function(t,i){n=a.createElement("script"),n.async=!0,e.scriptCharset&&(n.charset=e.scriptCharset),n.src=e.url,n.onload=n.onreadystatechange=function(e,t){(t||!n.readyState||/loaded|complete/.test(n.readyState))&&(n.onload=n.onreadystatechange=null,n.parentNode&&n.parentNode.removeChild(n),n=null,t||i(200,"success"))},r.insertBefore(n,r.firstChild)},abort:function(){n&&n.onload(t,!0)}}}});var Fn=[],Bn=/(=)\?(?=&|$)|\?\?/;x.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Fn.pop()||x.expando+"_"+vn++;return this[e]=!0,e}}),x.ajaxPrefilter("json jsonp",function(n,r,i){var o,a,s,l=n.jsonp!==!1&&(Bn.test(n.url)?"url":"string"==typeof n.data&&!(n.contentType||"").indexOf("application/x-www-form-urlencoded")&&Bn.test(n.data)&&"data");return l||"jsonp"===n.dataTypes[0]?(o=n.jsonpCallback=x.isFunction(n.jsonpCallback)?n.jsonpCallback():n.jsonpCallback,l?n[l]=n[l].replace(Bn,"$1"+o):n.jsonp!==!1&&(n.url+=(bn.test(n.url)?"&":"?")+n.jsonp+"="+o),n.converters["script json"]=function(){return s||x.error(o+" was not called"),s[0]},n.dataTypes[0]="json",a=e[o],e[o]=function(){s=arguments},i.always(function(){e[o]=a,n[o]&&(n.jsonpCallback=r.jsonpCallback,Fn.push(o)),s&&x.isFunction(a)&&a(s[0]),s=a=t}),"script"):t});var Pn,Rn,Wn=0,$n=e.ActiveXObject&&function(){var e;for(e in Pn)Pn[e](t,!0)};function In(){try{return new e.XMLHttpRequest}catch(t){}}function zn(){try{return new e.ActiveXObject("Microsoft.XMLHTTP")}catch(t){}}x.ajaxSettings.xhr=e.ActiveXObject?function(){return!this.isLocal&&In()||zn()}:In,Rn=x.ajaxSettings.xhr(),x.support.cors=!!Rn&&"withCredentials"in Rn,Rn=x.support.ajax=!!Rn,Rn&&x.ajaxTransport(function(n){if(!n.crossDomain||x.support.cors){var r;return{send:function(i,o){var a,s,l=n.xhr();if(n.username?l.open(n.type,n.url,n.async,n.username,n.password):l.open(n.type,n.url,n.async),n.xhrFields)for(s in n.xhrFields)l[s]=n.xhrFields[s];n.mimeType&&l.overrideMimeType&&l.overrideMimeType(n.mimeType),n.crossDomain||i["X-Requested-With"]||(i["X-Requested-With"]="XMLHttpRequest");try{for(s in i)l.setRequestHeader(s,i[s])}catch(u){}l.send(n.hasContent&&n.data||null),r=function(e,i){var s,u,c,p;try{if(r&&(i||4===l.readyState))if(r=t,a&&(l.onreadystatechange=x.noop,$n&&delete Pn[a]),i)4!==l.readyState&&l.abort();else{p={},s=l.status,u=l.getAllResponseHeaders(),"string"==typeof l.responseText&&(p.text=l.responseText);try{c=l.statusText}catch(f){c=""}s||!n.isLocal||n.crossDomain?1223===s&&(s=204):s=p.text?200:404}}catch(d){i||o(-1,d)}p&&o(s,c,p,u)},n.async?4===l.readyState?setTimeout(r):(a=++Wn,$n&&(Pn||(Pn={},x(e).unload($n)),Pn[a]=r),l.onreadystatechange=r):r()},abort:function(){r&&r(t,!0)}}}});var Xn,Un,Vn=/^(?:toggle|show|hide)$/,Yn=RegExp("^(?:([+-])=|)("+w+")([a-z%]*)$","i"),Jn=/queueHooks$/,Gn=[nr],Qn={"*":[function(e,t){var n=this.createTween(e,t),r=n.cur(),i=Yn.exec(t),o=i&&i[3]||(x.cssNumber[e]?"":"px"),a=(x.cssNumber[e]||"px"!==o&&+r)&&Yn.exec(x.css(n.elem,e)),s=1,l=20;if(a&&a[3]!==o){o=o||a[3],i=i||[],a=+r||1;do s=s||".5",a/=s,x.style(n.elem,e,a+o);while(s!==(s=n.cur()/r)&&1!==s&&--l)}return i&&(a=n.start=+a||+r||0,n.unit=o,n.end=i[1]?a+(i[1]+1)*i[2]:+i[2]),n}]};function Kn(){return setTimeout(function(){Xn=t}),Xn=x.now()}function Zn(e,t,n){var r,i=(Qn[t]||[]).concat(Qn["*"]),o=0,a=i.length;for(;a>o;o++)if(r=i[o].call(n,t,e))return r}function er(e,t,n){var r,i,o=0,a=Gn.length,s=x.Deferred().always(function(){delete l.elem}),l=function(){if(i)return!1;var t=Xn||Kn(),n=Math.max(0,u.startTime+u.duration-t),r=n/u.duration||0,o=1-r,a=0,l=u.tweens.length;for(;l>a;a++)u.tweens[a].run(o);return s.notifyWith(e,[u,o,n]),1>o&&l?n:(s.resolveWith(e,[u]),!1)},u=s.promise({elem:e,props:x.extend({},t),opts:x.extend(!0,{specialEasing:{}},n),originalProperties:t,originalOptions:n,startTime:Xn||Kn(),duration:n.duration,tweens:[],createTween:function(t,n){var r=x.Tween(e,u.opts,t,n,u.opts.specialEasing[t]||u.opts.easing);return u.tweens.push(r),r},stop:function(t){var n=0,r=t?u.tweens.length:0;if(i)return this;for(i=!0;r>n;n++)u.tweens[n].run(1);return t?s.resolveWith(e,[u,t]):s.rejectWith(e,[u,t]),this}}),c=u.props;for(tr(c,u.opts.specialEasing);a>o;o++)if(r=Gn[o].call(u,e,c,u.opts))return r;return x.map(c,Zn,u),x.isFunction(u.opts.start)&&u.opts.start.call(e,u),x.fx.timer(x.extend(l,{elem:e,anim:u,queue:u.opts.queue})),u.progress(u.opts.progress).done(u.opts.done,u.opts.complete).fail(u.opts.fail).always(u.opts.always)}function tr(e,t){var n,r,i,o,a;for(n in e)if(r=x.camelCase(n),i=t[r],o=e[n],x.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),a=x.cssHooks[r],a&&"expand"in a){o=a.expand(o),delete e[r];for(n in o)n in e||(e[n]=o[n],t[n]=i)}else t[r]=i}x.Animation=x.extend(er,{tweener:function(e,t){x.isFunction(e)?(t=e,e=["*"]):e=e.split(" ");var n,r=0,i=e.length;for(;i>r;r++)n=e[r],Qn[n]=Qn[n]||[],Qn[n].unshift(t)},prefilter:function(e,t){t?Gn.unshift(e):Gn.push(e)}});function nr(e,t,n){var r,i,o,a,s,l,u=this,c={},p=e.style,f=e.nodeType&&nn(e),d=x._data(e,"fxshow");n.queue||(s=x._queueHooks(e,"fx"),null==s.unqueued&&(s.unqueued=0,l=s.empty.fire,s.empty.fire=function(){s.unqueued||l()}),s.unqueued++,u.always(function(){u.always(function(){s.unqueued--,x.queue(e,"fx").length||s.empty.fire()})})),1===e.nodeType&&("height"in t||"width"in t)&&(n.overflow=[p.overflow,p.overflowX,p.overflowY],"inline"===x.css(e,"display")&&"none"===x.css(e,"float")&&(x.support.inlineBlockNeedsLayout&&"inline"!==ln(e.nodeName)?p.zoom=1:p.display="inline-block")),n.overflow&&(p.overflow="hidden",x.support.shrinkWrapBlocks||u.always(function(){p.overflow=n.overflow[0],p.overflowX=n.overflow[1],p.overflowY=n.overflow[2]}));for(r in t)if(i=t[r],Vn.exec(i)){if(delete t[r],o=o||"toggle"===i,i===(f?"hide":"show"))continue;c[r]=d&&d[r]||x.style(e,r)}if(!x.isEmptyObject(c)){d?"hidden"in d&&(f=d.hidden):d=x._data(e,"fxshow",{}),o&&(d.hidden=!f),f?x(e).show():u.done(function(){x(e).hide()}),u.done(function(){var t;x._removeData(e,"fxshow");for(t in c)x.style(e,t,c[t])});for(r in c)a=Zn(f?d[r]:0,r,u),r in d||(d[r]=a.start,f&&(a.end=a.start,a.start="width"===r||"height"===r?1:0))}}function rr(e,t,n,r,i){return new rr.prototype.init(e,t,n,r,i)}x.Tween=rr,rr.prototype={constructor:rr,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||"swing",this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(x.cssNumber[n]?"":"px")},cur:function(){var e=rr.propHooks[this.prop];return e&&e.get?e.get(this):rr.propHooks._default.get(this)},run:function(e){var t,n=rr.propHooks[this.prop];return this.pos=t=this.options.duration?x.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):rr.propHooks._default.set(this),this}},rr.prototype.init.prototype=rr.prototype,rr.propHooks={_default:{get:function(e){var t;return null==e.elem[e.prop]||e.elem.style&&null!=e.elem.style[e.prop]?(t=x.css(e.elem,e.prop,""),t&&"auto"!==t?t:0):e.elem[e.prop]},set:function(e){x.fx.step[e.prop]?x.fx.step[e.prop](e):e.elem.style&&(null!=e.elem.style[x.cssProps[e.prop]]||x.cssHooks[e.prop])?x.style(e.elem,e.prop,e.now+e.unit):e.elem[e.prop]=e.now}}},rr.propHooks.scrollTop=rr.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},x.each(["toggle","show","hide"],function(e,t){var n=x.fn[t];x.fn[t]=function(e,r,i){return null==e||"boolean"==typeof e?n.apply(this,arguments):this.animate(ir(t,!0),e,r,i)}}),x.fn.extend({fadeTo:function(e,t,n,r){return this.filter(nn).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(e,t,n,r){var i=x.isEmptyObject(e),o=x.speed(t,n,r),a=function(){var t=er(this,x.extend({},e),o);(i||x._data(this,"finish"))&&t.stop(!0)};return a.finish=a,i||o.queue===!1?this.each(a):this.queue(o.queue,a)},stop:function(e,n,r){var i=function(e){var t=e.stop;delete e.stop,t(r)};return"string"!=typeof e&&(r=n,n=e,e=t),n&&e!==!1&&this.queue(e||"fx",[]),this.each(function(){var t=!0,n=null!=e&&e+"queueHooks",o=x.timers,a=x._data(this);if(n)a[n]&&a[n].stop&&i(a[n]);else for(n in a)a[n]&&a[n].stop&&Jn.test(n)&&i(a[n]);for(n=o.length;n--;)o[n].elem!==this||null!=e&&o[n].queue!==e||(o[n].anim.stop(r),t=!1,o.splice(n,1));(t||!r)&&x.dequeue(this,e)})},finish:function(e){return e!==!1&&(e=e||"fx"),this.each(function(){var t,n=x._data(this),r=n[e+"queue"],i=n[e+"queueHooks"],o=x.timers,a=r?r.length:0;for(n.finish=!0,x.queue(this,e,[]),i&&i.stop&&i.stop.call(this,!0),t=o.length;t--;)o[t].elem===this&&o[t].queue===e&&(o[t].anim.stop(!0),o.splice(t,1));for(t=0;a>t;t++)r[t]&&r[t].finish&&r[t].finish.call(this);delete n.finish})}});function ir(e,t){var n,r={height:e},i=0;for(t=t?1:0;4>i;i+=2-t)n=Zt[i],r["margin"+n]=r["padding"+n]=e;return t&&(r.opacity=r.width=e),r}x.each({slideDown:ir("show"),slideUp:ir("hide"),slideToggle:ir("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,t){x.fn[e]=function(e,n,r){return this.animate(t,e,n,r)}}),x.speed=function(e,t,n){var r=e&&"object"==typeof e?x.extend({},e):{complete:n||!n&&t||x.isFunction(e)&&e,duration:e,easing:n&&t||t&&!x.isFunction(t)&&t};return r.duration=x.fx.off?0:"number"==typeof r.duration?r.duration:r.duration in x.fx.speeds?x.fx.speeds[r.duration]:x.fx.speeds._default,(null==r.queue||r.queue===!0)&&(r.queue="fx"),r.old=r.complete,r.complete=function(){x.isFunction(r.old)&&r.old.call(this),r.queue&&x.dequeue(this,r.queue)},r},x.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2}},x.timers=[],x.fx=rr.prototype.init,x.fx.tick=function(){var e,n=x.timers,r=0;for(Xn=x.now();n.length>r;r++)e=n[r],e()||n[r]!==e||n.splice(r--,1);n.length||x.fx.stop(),Xn=t},x.fx.timer=function(e){e()&&x.timers.push(e)&&x.fx.start()},x.fx.interval=13,x.fx.start=function(){Un||(Un=setInterval(x.fx.tick,x.fx.interval))},x.fx.stop=function(){clearInterval(Un),Un=null},x.fx.speeds={slow:600,fast:200,_default:400},x.fx.step={},x.expr&&x.expr.filters&&(x.expr.filters.animated=function(e){return x.grep(x.timers,function(t){return e===t.elem}).length}),x.fn.offset=function(e){if(arguments.length)return e===t?this:this.each(function(t){x.offset.setOffset(this,e,t)});var n,r,o={top:0,left:0},a=this[0],s=a&&a.ownerDocument;if(s)return n=s.documentElement,x.contains(n,a)?(typeof a.getBoundingClientRect!==i&&(o=a.getBoundingClientRect()),r=or(s),{top:o.top+(r.pageYOffset||n.scrollTop)-(n.clientTop||0),left:o.left+(r.pageXOffset||n.scrollLeft)-(n.clientLeft||0)}):o},x.offset={setOffset:function(e,t,n){var r=x.css(e,"position");"static"===r&&(e.style.position="relative");var i=x(e),o=i.offset(),a=x.css(e,"top"),s=x.css(e,"left"),l=("absolute"===r||"fixed"===r)&&x.inArray("auto",[a,s])>-1,u={},c={},p,f;l?(c=i.position(),p=c.top,f=c.left):(p=parseFloat(a)||0,f=parseFloat(s)||0),x.isFunction(t)&&(t=t.call(e,n,o)),null!=t.top&&(u.top=t.top-o.top+p),null!=t.left&&(u.left=t.left-o.left+f),"using"in t?t.using.call(e,u):i.css(u)}},x.fn.extend({position:function(){if(this[0]){var e,t,n={top:0,left:0},r=this[0];return"fixed"===x.css(r,"position")?t=r.getBoundingClientRect():(e=this.offsetParent(),t=this.offset(),x.nodeName(e[0],"html")||(n=e.offset()),n.top+=x.css(e[0],"borderTopWidth",!0),n.left+=x.css(e[0],"borderLeftWidth",!0)),{top:t.top-n.top-x.css(r,"marginTop",!0),left:t.left-n.left-x.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent||s;while(e&&!x.nodeName(e,"html")&&"static"===x.css(e,"position"))e=e.offsetParent;return e||s})}}),x.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(e,n){var r=/Y/.test(n);x.fn[e]=function(i){return x.access(this,function(e,i,o){var a=or(e);return o===t?a?n in a?a[n]:a.document.documentElement[i]:e[i]:(a?a.scrollTo(r?x(a).scrollLeft():o,r?o:x(a).scrollTop()):e[i]=o,t)},e,i,arguments.length,null)}});function or(e){return x.isWindow(e)?e:9===e.nodeType?e.defaultView||e.parentWindow:!1}x.each({Height:"height",Width:"width"},function(e,n){x.each({padding:"inner"+e,content:n,"":"outer"+e},function(r,i){x.fn[i]=function(i,o){var a=arguments.length&&(r||"boolean"!=typeof i),s=r||(i===!0||o===!0?"margin":"border");return x.access(this,function(n,r,i){var o;return x.isWindow(n)?n.document.documentElement["client"+e]:9===n.nodeType?(o=n.documentElement,Math.max(n.body["scroll"+e],o["scroll"+e],n.body["offset"+e],o["offset"+e],o["client"+e])):i===t?x.css(n,r,s):x.style(n,r,i,s)},n,a?i:t,a,null)}})}),x.fn.size=function(){return this.length},x.fn.andSelf=x.fn.addBack,"object"==typeof module&&module&&"object"==typeof module.exports?module.exports=x:(e.jQuery=e.$=x,"function"==typeof define&&define.amd&&define("jquery",[],function(){return x}))})(window);
-// Deck Core and extensions
-/*!
-Deck JS - deck.core
-Copyright (c) 2011 Caleb Troughton
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-The deck.core module provides all the basic functionality for creating and
-moving through a deck.  It does so by applying classes to indicate the state of
-the deck and its slides, allowing CSS to take care of the visual representation
-of each state.  It also provides methods for navigating the deck and inspecting
-its state, as well as basic key bindings for going to the next and previous
-slides.  More functionality is provided by wholly separate extension modules
-that use the API provided by core.
-*/
-(function($, deck, document, undefined) {
-	var slides, // Array of all the uh, slides...
-	current, // Array index of the current slide
-	$container, // Keeping this cached
-
-	events = {
-		/*
-		This event fires whenever the current slide changes, whether by way of
-		next, prev, or go. The callback function is passed two parameters, from
-		and to, equal to the indices of the old slide and the new slide
-		respectively. If preventDefault is called on the event within this handler
-		the slide change does not occur.
-
-		$(document).bind('deck.change', function(event, from, to) {
-		   alert('Moving from slide ' + from + ' to ' + to);
-		});
-		*/
-		change: 'deck.change',
-
-		/*
-		This event fires at the beginning of deck initialization, after the options
-		are set but before the slides array is created.  This event makes a good hook
-		for preprocessing extensions looking to modify the deck.
-		*/
-		beforeInitialize: 'deck.beforeInit',
-
-		/*
-		This event fires at the end of deck initialization. Extensions should
-		implement any code that relies on user extensible options (key bindings,
-		element selectors, classes) within a handler for this event. Native
-		events associated with Deck JS should be scoped under a .deck event
-		namespace, as with the example below:
-
-		var $d = $(document);
-		$.deck.defaults.keys.myExtensionKeycode = 70; // 'h'
-		$d.bind('deck.init', function() {
-		   $d.bind('keydown.deck', function(event) {
-		      if (event.which === $.deck.getOptions().keys.myExtensionKeycode) {
-		         // Rock out
-		      }
-		   });
-		});
-		*/
-		initialize: 'deck.init'
-	},
-
-	options = {},
-	$d = $(document),
-
-	/*
-	Internal function. Updates slide and container classes based on which
-	slide is the current slide.
-	*/
-	updateStates = function() {
-		var oc = options.classes,
-		osc = options.selectors.container,
-		old = $container.data('onSlide'),
-		$all = $();
-
-		// Container state
-		$container.removeClass(oc.onPrefix + old)
-			.addClass(oc.onPrefix + current)
-			.data('onSlide', current);
-
-		// Remove and re-add child-current classes for nesting
-		$('.' + oc.current).parentsUntil(osc).removeClass(oc.childCurrent);
-		slides[current].parentsUntil(osc).addClass(oc.childCurrent);
-
-		// Remove previous states
-		$.each(slides, function(i, el) {
-			$all = $all.add(el);
-		});
-		$all.removeClass([
-			oc.before,
-			oc.previous,
-			oc.current,
-			oc.next,
-			oc.after
-		].join(" "));
-
-		// Add new states back in
-		slides[current].addClass(oc.current);
-		if (current > 0) {
-			slides[current-1].addClass(oc.previous);
-		}
-		if (current + 1 < slides.length) {
-			slides[current+1].addClass(oc.next);
-		}
-		if (current > 1) {
-			$.each(slides.slice(0, current - 1), function(i, el) {
-				el.addClass(oc.before);
-			});
-		}
-		if (current + 2 < slides.length) {
-			$.each(slides.slice(current+2), function(i, el) {
-				el.addClass(oc.after);
-			});
-		}
-	},
-
-	/* Methods exposed in the jQuery.deck namespace */
-	methods = {
-
-		/*
-		jQuery.deck(selector, options)
-
-		selector: string | jQuery | array
-		options: object, optional
-
-		Initializes the deck, using each element matched by selector as a slide.
-		May also be passed an array of string selectors or jQuery objects, in
-		which case each selector in the array is considered a slide. The second
-		parameter is an optional options object which will extend the default
-		values.
-
-		$.deck('.slide');
-
-		or
-
-		$.deck([
-		   '#first-slide',
-		   '#second-slide',
-		   '#etc'
-		]);
-		*/
-		init: function(elements, opts) {
-			var startTouch,
-			tolerance,
-			esp = function(e) {
-				e.stopPropagation();
-			};
-
-			options = $.extend(true, {}, $[deck].defaults, opts);
-			slides = [];
-			current = 0;
-			$container = $(options.selectors.container);
-			tolerance = options.touch.swipeTolerance;
-
-			// Pre init event for preprocessing hooks
-			$d.trigger(events.beforeInitialize);
-
-			// Hide the deck while states are being applied to kill transitions
-			$container.addClass(options.classes.loading);
-
-			// Fill slides array depending on parameter type
-			if ($.isArray(elements)) {
-				$.each(elements, function(i, e) {
-					slides.push($(e));
-				});
-			}
-			else {
-				$(elements).each(function(i, e) {
-					slides.push($(e));
-				});
-			}
-
-			/* Remove any previous bindings, and rebind key events */
-			$d.unbind('keydown.deck').bind('keydown.deck', function(e) {
-				if (e.which === options.keys.next || $.inArray(e.which, options.keys.next) > -1) {
-					methods.next();
-					e.preventDefault();
-				}
-				else if (e.which === options.keys.previous || $.inArray(e.which, options.keys.previous) > -1) {
-					methods.prev();
-					e.preventDefault();
-				}
-			})
-			/* Stop propagation of key events within editable elements */
-			.undelegate('input, textarea, select, button, meter, progress, [contentEditable]', 'keydown', esp)
-			.delegate('input, textarea, select, button, meter, progress, [contentEditable]', 'keydown', esp);
-
-			/* Bind touch events for swiping between slides on touch devices */
-			$container.unbind('touchstart.deck').bind('touchstart.deck', function(e) {
-				if (!startTouch) {
-					startTouch = $.extend({}, e.originalEvent.targetTouches[0]);
-				}
-			})
-			.unbind('touchmove.deck').bind('touchmove.deck', function(e) {
-				$.each(e.originalEvent.changedTouches, function(i, t) {
-					if (startTouch && t.identifier === startTouch.identifier) {
-						if (t.screenX - startTouch.screenX > tolerance || t.screenY - startTouch.screenY > tolerance) {
-							$[deck]('prev');
-							startTouch = undefined;
-						}
-						else if (t.screenX - startTouch.screenX < -1 * tolerance || t.screenY - startTouch.screenY < -1 * tolerance) {
-							$[deck]('next');
-							startTouch = undefined;
-						}
-						return false;
-					}
-				});
-				e.preventDefault();
-			})
-			.unbind('touchend.deck').bind('touchend.deck', function(t) {
-				$.each(t.originalEvent.changedTouches, function(i, t) {
-					if (startTouch && t.identifier === startTouch.identifier) {
-						startTouch = undefined;
-					}
-				});
-			})
-			.scrollLeft(0).scrollTop(0);
-
-			/*
-			Kick iframe videos, which dont like to redraw w/ transforms.
-			Remove this if Webkit ever fixes it.
-			 */
-			$.each(slides, function(i, $el) {
-				$el.unbind('webkitTransitionEnd.deck').bind('webkitTransitionEnd.deck',
-				function(event) {
-					if ($el.hasClass($[deck]('getOptions').classes.current)) {
-						var embeds = $(this).find('iframe').css('opacity', 0);
-						window.setTimeout(function() {
-							embeds.css('opacity', 1);
-						}, 100);
-					}
-				});
-			});
-
-			if (slides.length) {
-				updateStates();
-			}
-
-			// Show deck again now that slides are in place
-			$container.removeClass(options.classes.loading);
-			$d.trigger(events.initialize);
-		},
-
-		/*
-		jQuery.deck('go', index)
-
-		index: integer | string
-
-		Moves to the slide at the specified index if index is a number. Index is
-		0-based, so $.deck('go', 0); will move to the first slide. If index is a
-		string this will move to the slide with the specified id. If index is out
-		of bounds or doesn't match a slide id the call is ignored.
-		*/
-		go: function(index) {
-			var e = $.Event(events.change),
-			ndx;
-
-			/* Number index, easy. */
-			if (typeof index === 'number' && index >= 0 && index < slides.length) {
-				ndx = index;
-			}
-			/* Id string index, search for it and set integer index */
-			else if (typeof index === 'string') {
-				$.each(slides, function(i, $slide) {
-					if ($slide.attr('id') === index) {
-						ndx = i;
-						return false;
-					}
-				});
-			};
-
-			/* Out of bounds, id doesn't exist, illegal input, eject */
-			if (typeof ndx === 'undefined') return;
-
-			$d.trigger(e, [current, ndx]);
-			if (e.isDefaultPrevented()) {
-				/* Trigger the event again and undo the damage done by extensions. */
-				$d.trigger(events.change, [ndx, current]);
-			}
-			else {
-				current = ndx;
-				updateStates();
-			}
-		},
-
-		/*
-		jQuery.deck('next')
-
-		Moves to the next slide. If the last slide is already active, the call
-		is ignored.
-		*/
-		next: function() {
-			methods.go(current+1);
-		},
-
-		/*
-		jQuery.deck('prev')
-
-		Moves to the previous slide. If the first slide is already active, the
-		call is ignored.
-		*/
-		prev: function() {
-			methods.go(current-1);
-		},
-
-		/*
-		jQuery.deck('getSlide', index)
-
-		index: integer, optional
-
-		Returns a jQuery object containing the slide at index. If index is not
-		specified, the current slide is returned.
-		*/
-		getSlide: function(index) {
-			var i = typeof index !== 'undefined' ? index : current;
-			if (typeof i != 'number' || i < 0 || i >= slides.length) return null;
-			return slides[i];
-		},
-
-		/*
-		jQuery.deck('getSlides')
-
-		Returns all slides as an array of jQuery objects.
-		*/
-		getSlides: function() {
-			return slides;
-		},
-
-		/*
-		jQuery.deck('getContainer')
-
-		Returns a jQuery object containing the deck container as defined by the
-		container option.
-		*/
-		getContainer: function() {
-			return $container;
-		},
-
-		/*
-		jQuery.deck('getOptions')
-
-		Returns the options object for the deck, including any overrides that
-		were defined at initialization.
-		*/
-		getOptions: function() {
-			return options;
-		},
-
-		/*
-		jQuery.deck('extend', name, method)
-
-		name: string
-		method: function
-
-		Adds method to the deck namespace with the key of name. This doesn’t
-		give access to any private member data — public methods must still be
-		used within method — but lets extension authors piggyback on the deck
-		namespace rather than pollute jQuery.
-
-		$.deck('extend', 'alert', function(msg) {
-		   alert(msg);
-		});
-
-		// Alerts 'boom'
-		$.deck('alert', 'boom');
-		*/
-		extend: function(name, method) {
-			methods[name] = method;
-		}
-	};
-
-	/* jQuery extension */
-	$[deck] = function(method, arg) {
-		if (methods[method]) {
-			return methods[method].apply(this, Array.prototype.slice.call(arguments, 1));
-		}
-		else {
-			return methods.init(method, arg);
-		}
-	};
-
-	/*
-	The default settings object for a deck. All deck extensions should extend
-	this object to add defaults for any of their options.
-
-	options.classes.after
-		This class is added to all slides that appear after the 'next' slide.
-
-	options.classes.before
-		This class is added to all slides that appear before the 'previous'
-		slide.
-
-	options.classes.childCurrent
-		This class is added to all elements in the DOM tree between the
-		'current' slide and the deck container. For standard slides, this is
-		mostly seen and used for nested slides.
-
-	options.classes.current
-		This class is added to the current slide.
-
-	options.classes.loading
-		This class is applied to the deck container during loading phases and is
-		primarily used as a way to short circuit transitions between states
-		where such transitions are distracting or unwanted.  For example, this
-		class is applied during deck initialization and then removed to prevent
-		all the slides from appearing stacked and transitioning into place
-		on load.
-
-	options.classes.next
-		This class is added to the slide immediately following the 'current'
-		slide.
-
-	options.classes.onPrefix
-		This prefix, concatenated with the current slide index, is added to the
-		deck container as you change slides.
-
-	options.classes.previous
-		This class is added to the slide immediately preceding the 'current'
-		slide.
-
-	options.selectors.container
-		Elements matched by this CSS selector will be considered the deck
-		container. The deck container is used to scope certain states of the
-		deck, as with the onPrefix option, or with extensions such as deck.goto
-		and deck.menu.
-
-	options.keys.next
-		The numeric keycode used to go to the next slide.
-
-	options.keys.previous
-		The numeric keycode used to go to the previous slide.
-
-	options.touch.swipeTolerance
-		The number of pixels the users finger must travel to produce a swipe
-		gesture.
-	*/
-	$[deck].defaults = {
-		classes: {
-			after: 'deck-after',
-			before: 'deck-before',
-			childCurrent: 'deck-child-current',
-			current: 'deck-current',
-			loading: 'deck-loading',
-			next: 'deck-next',
-			onPrefix: 'on-slide-',
-			previous: 'deck-previous'
-		},
-
-		selectors: {
-			container: '.deck-container'
-		},
-
-		keys: {
-			// enter, space, page down, right arrow, down arrow,
-			next: [13, 32, 34, 39, 40],
-			// backspace, page up, left arrow, up arrow
-			previous: [8, 33, 37, 38]
-		},
-
-		touch: {
-			swipeTolerance: 60
-		}
-	};
-
-	$d.ready(function() {
-		$('html').addClass('ready');
-	});
-
-	/*
-	FF + Transforms + Flash video don't get along...
-	Firefox will reload and start playing certain videos after a
-	transform.  Blanking the src when a previously shown slide goes out
-	of view prevents this.
-	*/
-	$d.bind('deck.change', function(e, from, to) {
-		var oldFrames = $[deck]('getSlide', from).find('iframe'),
-		newFrames = $[deck]('getSlide', to).find('iframe');
-
-		oldFrames.each(function() {
-	    	var $this = $(this),
-	    	curSrc = $this.attr('src');
-
-            if(curSrc) {
-            	$this.data('deck-src', curSrc).attr('src', '');
-            }
-		});
-
-		newFrames.each(function() {
-			var $this = $(this),
-			originalSrc = $this.data('deck-src');
-
-			if (originalSrc) {
-				$this.attr('src', originalSrc);
-			}
-		});
-	});
-})(jQuery, 'deck', document);
-/*!
-Deck JS - deck.menu
-Copyright (c) 2011 Caleb Troughton
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module adds the methods and key binding to show and hide a menu of all
-slides in the deck. The deck menu state is indicated by the presence of a class
-on the deck container.
-*/
-(function($, deck, undefined) {
-	var $d = $(document),
-	rootSlides; // Array of top level slides
-
-	/*
-	Extends defaults/options.
-
-	options.classes.menu
-		This class is added to the deck container when showing the slide menu.
-
-	options.keys.menu
-		The numeric keycode used to toggle between showing and hiding the slide
-		menu.
-
-	options.touch.doubletapWindow
-		Two consecutive touch events within this number of milliseconds will
-		be considered a double tap, and will toggle the menu on touch devices.
-	*/
-	$.extend(true, $[deck].defaults, {
-		classes: {
-			menu: 'deck-menu'
-		},
-
-		keys: {
-			menu: 77 // m
-		},
-
-		touch: {
-			doubletapWindow: 400
-		}
-	});
-
-	/*
-	jQuery.deck('showMenu')
-
-	Shows the slide menu by adding the class specified by the menu class option
-	to the deck container.
-	*/
-	$[deck]('extend', 'showMenu', function() {
-		var $c = $[deck]('getContainer'),
-		opts = $[deck]('getOptions');
-
-		if ($c.hasClass(opts.classes.menu)) return;
-
-		// Hide through loading class to short-circuit transitions (perf)
-		$c.addClass([opts.classes.loading, opts.classes.menu].join(' '));
-
-		/* Forced to do this in JS until CSS learns second-grade math. Save old
-		style value for restoration when menu is hidden. */
-		if (Modernizr.csstransforms) {
-			$.each(rootSlides, function(i, $slide) {
-				$slide.data('oldStyle', $slide.attr('style'));
-				$slide.css({
-					'position': 'absolute',
-					'left': ((i % 4) * 25) + '%',
-					'top': (Math.floor(i / 4) * 25) + '%'
-				});
-			});
-		}
-
-		// Need to ensure the loading class renders first, then remove
-		window.setTimeout(function() {
-			$c.removeClass(opts.classes.loading)
-				.scrollTop($[deck]('getSlide').offset().top);
-		}, 0);
-	});
-
-	/*
-	jQuery.deck('hideMenu')
-
-	Hides the slide menu by removing the class specified by the menu class
-	option from the deck container.
-	*/
-	$[deck]('extend', 'hideMenu', function() {
-		var $c = $[deck]('getContainer'),
-		opts = $[deck]('getOptions');
-
-		if (!$c.hasClass(opts.classes.menu)) return;
-
-		$c.removeClass(opts.classes.menu);
-		$c.addClass(opts.classes.loading);
-
-		/* Restore old style value */
-		if (Modernizr.csstransforms) {
-			$.each(rootSlides, function(i, $slide) {
-				var oldStyle = $slide.data('oldStyle');
-
-				$slide.attr('style', oldStyle ? oldStyle : '');
-			});
-		}
-
-		window.setTimeout(function() {
-			$c.removeClass(opts.classes.loading).scrollTop(0);
-		}, 0);
-	});
-
-	/*
-	jQuery.deck('toggleMenu')
-
-	Toggles between showing and hiding the slide menu.
-	*/
-	$[deck]('extend', 'toggleMenu', function() {
-		$[deck]('getContainer').hasClass($[deck]('getOptions').classes.menu) ?
-		$[deck]('hideMenu') : $[deck]('showMenu');
-	});
-
-	$d.bind('deck.init', function() {
-		var opts = $[deck]('getOptions'),
-		touchEndTime = 0,
-		currentSlide,
-		slideTest = $.map([
-			opts.classes.before,
-			opts.classes.previous,
-			opts.classes.current,
-			opts.classes.next,
-			opts.classes.after
-		], function(el, i) {
-			return '.' + el;
-		}).join(', ');
-
-		// Build top level slides array
-		rootSlides = [];
-		$.each($[deck]('getSlides'), function(i, $el) {
-			if (!$el.parentsUntil(opts.selectors.container, slideTest).length) {
-				rootSlides.push($el);
-			}
-		});
-
-		// Bind key events
-		$d.unbind('keydown.deckmenu').bind('keydown.deckmenu', function(e) {
-			if (e.which === opts.keys.menu || $.inArray(e.which, opts.keys.menu) > -1) {
-				$[deck]('toggleMenu');
-				e.preventDefault();
-			}
-		});
-
-		// Double tap to toggle slide menu for touch devices
-		$[deck]('getContainer').unbind('touchstart.deckmenu').bind('touchstart.deckmenu', function(e) {
-			currentSlide = $[deck]('getSlide');
-		})
-		.unbind('touchend.deckmenu').bind('touchend.deckmenu', function(e) {
-			var now = Date.now();
-
-			// Ignore this touch event if it caused a nav change (swipe)
-			if (currentSlide !== $[deck]('getSlide')) return;
-
-			if (now - touchEndTime < opts.touch.doubletapWindow) {
-				$[deck]('toggleMenu');
-				e.preventDefault();
-			}
-			touchEndTime = now;
-		});
-
-		// Selecting slides from the menu
-		$.each($[deck]('getSlides'), function(i, $s) {
-			$s.unbind('click.deckmenu').bind('click.deckmenu', function(e) {
-				if (!$[deck]('getContainer').hasClass(opts.classes.menu)) return;
-
-				$[deck]('go', i);
-				$[deck]('hideMenu');
-				e.stopPropagation();
-				e.preventDefault();
-			});
-		});
-	})
-	.bind('deck.change', function(e, from, to) {
-		var container = $[deck]('getContainer');
-
-		if (container.hasClass($[deck]('getOptions').classes.menu)) {
-			container.scrollTop($[deck]('getSlide', to).offset().top);
-		}
-	});
-})(jQuery, 'deck');
-
-/*!
-Deck JS - deck.goto
-Copyright (c) 2011 Caleb Troughton
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module adds the necessary methods and key bindings to show and hide a form
-for jumping to any slide number/id in the deck (and processes that form
-accordingly). The form-showing state is indicated by the presence of a class on
-the deck container.
-*/
-(function($, deck, undefined) {
-	var $d = $(document);
-
-	/*
-	Extends defaults/options.
-
-	options.classes.goto
-		This class is added to the deck container when showing the Go To Slide
-		form.
-
-	options.selectors.gotoDatalist
-		The element that matches this selector is the datalist element that will
-		be populated with options for each of the slide ids.  In browsers that
-		support the datalist element, this provides a drop list of slide ids to
-		aid the user in selecting a slide.
-
-	options.selectors.gotoForm
-		The element that matches this selector is the form that is submitted
-		when a user hits enter after typing a slide number/id in the gotoInput
-		element.
-
-	options.selectors.gotoInput
-		The element that matches this selector is the text input field for
-		entering a slide number/id in the Go To Slide form.
-
-	options.keys.goto
-		The numeric keycode used to show the Go To Slide form.
-
-	options.countNested
-		If false, only top level slides will be counted when entering a
-		slide number.
-	*/
-	$.extend(true, $[deck].defaults, {
-		classes: {
-			goto: 'deck-goto'
-		},
-
-		selectors: {
-			gotoDatalist: '#goto-datalist',
-			gotoForm: '.goto-form',
-			gotoInput: '#goto-slide'
-		},
-
-		keys: {
-			goto: 71 // g
-		},
-
-		countNested: true
-	});
-
-	/*
-	jQuery.deck('showGoTo')
-
-	Shows the Go To Slide form by adding the class specified by the goto class
-	option to the deck container.
-	*/
-	$[deck]('extend', 'showGoTo', function() {
-		$[deck]('getContainer').addClass($[deck]('getOptions').classes.goto);
-		$($[deck]('getOptions').selectors.gotoInput).focus();
-	});
-
-	/*
-	jQuery.deck('hideGoTo')
-
-	Hides the Go To Slide form by removing the class specified by the goto class
-	option from the deck container.
-	*/
-	$[deck]('extend', 'hideGoTo', function() {
-		$($[deck]('getOptions').selectors.gotoInput).blur();
-		$[deck]('getContainer').removeClass($[deck]('getOptions').classes.goto);
-	});
-
-	/*
-	jQuery.deck('toggleGoTo')
-
-	Toggles between showing and hiding the Go To Slide form.
-	*/
-	$[deck]('extend', 'toggleGoTo', function() {
-		$[deck]($[deck]('getContainer').hasClass($[deck]('getOptions').classes.goto) ? 'hideGoTo' : 'showGoTo');
-	});
-
-	$d.bind('deck.init', function() {
-		var opts = $[deck]('getOptions'),
-		$datalist = $(opts.selectors.gotoDatalist),
-		slideTest = $.map([
-			opts.classes.before,
-			opts.classes.previous,
-			opts.classes.current,
-			opts.classes.next,
-			opts.classes.after
-		], function(el, i) {
-			return '.' + el;
-		}).join(', '),
-		rootCounter = 1;
-
-		// Bind key events
-		$d.unbind('keydown.deckgoto').bind('keydown.deckgoto', function(e) {
-			var key = $[deck]('getOptions').keys.goto;
-
-			if (e.which === key || $.inArray(e.which, key) > -1) {
-				e.preventDefault();
-				$[deck]('toggleGoTo');
-			}
-		});
-
-		/* Populate datalist and work out countNested*/
-		$.each($[deck]('getSlides'), function(i, $slide) {
-			var id = $slide.attr('id'),
-			$parentSlides = $slide.parentsUntil(opts.selectors.container, slideTest);
-
-			if (id) {
-				$datalist.append('<option value="' + id + '">');
-			}
-
-			if ($parentSlides.length) {
-				$slide.removeData('rootIndex');
-			}
-			else if (!opts.countNested) {
-				$slide.data('rootIndex', rootCounter);
-				++rootCounter;
-			}
-		});
-
-		// Process form submittal, go to the slide entered
-		$(opts.selectors.gotoForm)
-		.unbind('submit.deckgoto')
-		.bind('submit.deckgoto', function(e) {
-			var $field = $($[deck]('getOptions').selectors.gotoInput),
-			ndx = parseInt($field.val(), 10);
-
-			if (!$[deck]('getOptions').countNested) {
-			  if (ndx >= rootCounter) return false;
-				$.each($[deck]('getSlides'), function(i, $slide) {
-					if ($slide.data('rootIndex') === ndx) {
-						ndx = i + 1;
-						return false;
-					}
-				});
-			}
-
-			$[deck]('go', isNaN(ndx) ? $field.val() : ndx - 1);
-			$[deck]('hideGoTo');
-			$field.val('');
-
-			e.preventDefault();
-		});
-
-		// Dont let keys in the input trigger deck actions
-		$(opts.selectors.gotoInput)
-		.unbind('keydown.deckgoto')
-		.bind('keydown.deckgoto', function(e) {
-			e.stopPropagation();
-		});
-	});
-})(jQuery, 'deck');
-
-/*!
-Deck JS - deck.status
-Copyright (c) 2011 Caleb Troughton
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module adds a (current)/(total) style status indicator to the deck.
-*/
-(function($, deck, undefined) {
-	var $d = $(document),
-
-	updateCurrent = function(e, from, to) {
-		var opts = $[deck]('getOptions');
-
-		$(opts.selectors.statusCurrent).text(opts.countNested ?
-			to + 1 :
-			$[deck]('getSlide', to).data('rootSlide')
-		);
-	};
-
-	/*
-	Extends defaults/options.
-
-	options.selectors.statusCurrent
-		The element matching this selector displays the current slide number.
-
-	options.selectors.statusTotal
-		The element matching this selector displays the total number of slides.
-
-	options.countNested
-		If false, only top level slides will be counted in the current and
-		total numbers.
-	*/
-	$.extend(true, $[deck].defaults, {
-		selectors: {
-			statusCurrent: '.deck-status-current',
-			statusTotal: '.deck-status-total'
-		},
-
-		countNested: true
-	});
-
-	$d.bind('deck.init', function() {
-		var opts = $[deck]('getOptions'),
-		slides = $[deck]('getSlides'),
-		$current = $[deck]('getSlide'),
-		ndx;
-
-		// Set total slides once
-		if (opts.countNested) {
-			$(opts.selectors.statusTotal).text(slides.length);
-		}
-		else {
-			/* Determine root slides by checking each slide's ancestor tree for
-			any of the slide classes. */
-			var rootIndex = 1,
-			slideTest = $.map([
-				opts.classes.before,
-				opts.classes.previous,
-				opts.classes.current,
-				opts.classes.next,
-				opts.classes.after
-			], function(el, i) {
-				return '.' + el;
-			}).join(', ');
-
-			/* Store the 'real' root slide number for use during slide changes. */
-			$.each(slides, function(i, $el) {
-				var $parentSlides = $el.parentsUntil(opts.selectors.container, slideTest);
-
-				$el.data('rootSlide', $parentSlides.length ?
-					$parentSlides.last().data('rootSlide') :
-					rootIndex++
-				);
-			});
-
-			$(opts.selectors.statusTotal).text(rootIndex - 1);
-		}
-
-		// Find where we started in the deck and set initial state
-		$.each(slides, function(i, $el) {
-			if ($el === $current) {
-				ndx = i;
-				return false;
-			}
-		});
-		updateCurrent(null, ndx, ndx);
-	})
-	/* Update current slide number with each change event */
-	.bind('deck.change', updateCurrent);
-})(jQuery, 'deck');
-
-/*!
-Deck JS - deck.navigation
-Copyright (c) 2011 Caleb Troughton
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module adds clickable previous and next links to the deck.
-*/
-(function($, deck, undefined) {
-	var $d = $(document),
-
-	/* Updates link hrefs, and disabled states if last/first slide */
-	updateButtons = function(e, from, to) {
-		var opts = $[deck]('getOptions'),
-		last = $[deck]('getSlides').length - 1,
-		prevSlide = $[deck]('getSlide', to - 1),
-		nextSlide = $[deck]('getSlide', to + 1),
-		hrefBase = window.location.href.replace(/#.*/, ''),
-		prevId = prevSlide ? prevSlide.attr('id') : undefined,
-		nextId = nextSlide ? nextSlide.attr('id') : undefined;
-
-		$(opts.selectors.previousLink)
-			.toggleClass(opts.classes.navDisabled, !to)
-			.attr('href', hrefBase + '#' + (prevId ? prevId : ''));
-		$(opts.selectors.nextLink)
-			.toggleClass(opts.classes.navDisabled, to === last)
-			.attr('href', hrefBase + '#' + (nextId ? nextId : ''));
-	};
-
-	/*
-	Extends defaults/options.
-
-	options.classes.navDisabled
-		This class is added to a navigation link when that action is disabled.
-		It is added to the previous link when on the first slide, and to the
-		next link when on the last slide.
-
-	options.selectors.nextLink
-		The elements that match this selector will move the deck to the next
-		slide when clicked.
-
-	options.selectors.previousLink
-		The elements that match this selector will move to deck to the previous
-		slide when clicked.
-	*/
-	$.extend(true, $[deck].defaults, {
-		classes: {
-			navDisabled: 'deck-nav-disabled'
-		},
-
-		selectors: {
-			nextLink: '.deck-next-link',
-			previousLink: '.deck-prev-link'
-		}
-	});
-
-	$d.bind('deck.init', function() {
-		var opts = $[deck]('getOptions'),
-		slides = $[deck]('getSlides'),
-		$current = $[deck]('getSlide'),
-		ndx;
-
-		// Setup prev/next link events
-		$(opts.selectors.previousLink)
-		.unbind('click.decknavigation')
-		.bind('click.decknavigation', function(e) {
-			$[deck]('prev');
-			e.preventDefault();
-		});
-
-		$(opts.selectors.nextLink)
-		.unbind('click.decknavigation')
-		.bind('click.decknavigation', function(e) {
-			$[deck]('next');
-			e.preventDefault();
-		});
-
-		// Find where we started in the deck and set initial states
-		$.each(slides, function(i, $slide) {
-			if ($slide === $current) {
-				ndx = i;
-				return false;
-			}
-		});
-		updateButtons(null, ndx, ndx);
-	})
-	.bind('deck.change', updateButtons);
-})(jQuery, 'deck');
-
-/*
-Deck JS - deck.toc
-Copyright (c) 2011 Remi BARRAQUAND
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module provides a support for TOC to the deck.
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    var $toc;
-    /*
-	Extends defaults/options.
-
-        options.classes.toc
-		This class is added to the deck container when showing the slide
-                toc.
-
-	options.keys.toc
-		The numeric keycode used to toggle between showing and hiding
-                the slide toc.
-
-	options.selectors.toc
-		The element matching this selector displays the toc.
-
-	options.selectors.tocTitle
-		The element matching this selector displays the current title
-                of the slide i.e the current h1.
-
-        options.selectors.tocSection
-		The element matching this selector displays the current section
-                of the slide i.e the current h2.
-
-        options.selectors.tocSubSection
-		The element matching this selector displays the current
-                subsection of the slide i.e the current h3.
-
-        options.selectors.tocSubSubSection
-		The element matching this selector displays the current
-                subsubsection of the slide i.e the current h4.
-	*/
-    $.extend(true, $[deck].defaults, {
-        classes: {
-            toc: 'deck-toc-frame'
-        },
-
-        keys: {
-            toc: 84, // t
-			sn: 83 //s
-        },
-
-        selectors: {
-            toc: '.deck-toc',
-            tocTitle: '.deck-toc-h1',
-            tocSection: '.deck-toc-h2',
-            tocSubSection: '.deck-toc-h3',
-            tocSubSubSection: '.deck-toc-h4',
-            tocStatus: '.deck-toc-status'
-        }
-    });
-
-    /*
-	jQuery.deck('showToc')
-
-	Shows the slide toc by adding the class specified by the toc class option
-	to the deck container.
-	*/
-    $[deck]('extend', 'showToc', function() {
-        $[deck]('getContainer').addClass($[deck]('getOptions').classes.toc);
-    });
-
-    /*
-	jQuery.deck('hideToc')
-
-	Hides the slide toc by removing the class specified by the toc class
-	option from the deck container.
-	*/
-    $[deck]('extend', 'hideToc', function() {
-        $[deck]('getContainer').removeClass($[deck]('getOptions').classes.toc);
-    });
-
-    /*
-	jQuery.deck('toggleToc')
-
-	Toggles between showing and hiding the TOC.
-	*/
-    $[deck]('extend', 'toggleToc', function() {
-        $[deck]('getContainer').hasClass($[deck]('getOptions').classes.toc) ?
-        $[deck]('hideToc') : $[deck]('showToc');
-    });
-    /*
-	jQuery.deck('toggleSideNotes')
-
-	Toggles between showing and hiding the side notes.
-	*/
-    $[deck]('extend', 'toggleSideNotes', function() {
-		$(".sidebarblock").toggle();
-    });
-
-    /*
-        jQuery.deck('Init')
-        */
-    $d.bind('deck.init', function() {
-        var opts = $[deck]('getOptions');
-        var container = $[deck]('getContainer');
-
-        /* Bind key events */
-        $d.unbind('keydown.decktoc').bind('keydown.decktoc', function(e) {
-            if(e.metaKey) // don't trap CTRL-t/CMD-t
-                return true;
-            if (e.which === opts.keys.toc || $.inArray(e.which, opts.keys.toc) > -1) {
-                    $[deck]('toggleToc');
-                    e.preventDefault();
-            }else if(e.which === opts.keys.sn || $.inArray(e.which, opts.keys.sn) > -1) {
-            	    $[deck]('toggleSideNotes');
-				    e.preventDefault();
-            }
-        });
-
-        /* Hide TOC panel when user click on container */
-        container.click(function(e){
-            $[deck]('hideToc');
-        });
-
-        /* Init TOC and append it to the document */
-        $toc = new TOC();
-        $($[deck]('getOptions').selectors.toc).append($toc.root);
-
-        /* Go through all slides */
-        $.each($[deck]('getSlides'), function(i, $el) {
-            var slide = $[deck]('getSlide',i);
-            //var tocElementFound = false;
-
-            /* If there is a toc item, push it in the TOC */
-            for(var level=1; level<3; level++) {
-                if( slide.children("h"+level).length > 0) {
-                    var tocTitle = "";
-                    var $tocElement = slide.children("h"+level+":first");
-                    if( $tocElement.attr("title") != undefined && $tocElement.attr("title") != "") {
-                        tocTitle = $tocElement.attr("title");
-                    } else {
-                        tocTitle = $tocElement.text();
-                    }
-                    // actually level isn't based on h1, h2, h3, etc yet. Look at parent slide to see if slide0 or slide1
-                    if(slide.hasClass('slide1')){
-                        level = level + 1
-                        }
-                    $toc.push(level, tocTitle, slide);
-                    $toc.tag(slide);
-                    //tocElementFound = true;
-                }
-            }
-
-            /* Tag the slide with the current TOC level */
-            $toc.tag(slide);
-        });
-    })
-    /* Update current slide number with each change event */
-    .bind('deck.change', function(e, from, to) {
-        var opts = $[deck]('getOptions');
-        var slideTo = $[deck]('getSlide', to);
-        var container = $[deck]('getContainer');
-
-        if (container.hasClass($[deck]('getOptions').classes.toc)) {
-            container.scrollTop(slideTo.offset().top);
-        }
-
-        /* update toc status */
-        if( slideTo.data("toc") ) {
-            // reset
-            $(opts.selectors.tocTitle).text("");
-            $(opts.selectors.tocSection).text("");
-            $(opts.selectors.tocSubSection).text("");
-            $(opts.selectors.tocSubSubSection).text("");
-
-            if( slideTo.hasClass('hide-toc-status') ) {
-                $(opts.selectors.tocStatus).hide();
-            } else {
-                $(opts.selectors.tocStatus).show();
-                // update according to the current context
-                var $context = $toc.context(slideTo.data('toc'))
-                for(var level=1; level<=$context.length; level++) {
-                    switch(level) {
-                        case 1:
-                            $(opts.selectors.tocTitle).text($context[level-1]);
-                            break;
-                        case 2:
-                            $(opts.selectors.tocSection).text($context[level-1]);
-                            break;
-                        case 3:
-                            $(opts.selectors.tocSubSection).text($context[level-1]);
-                            break;
-                        case 4:
-                            $(opts.selectors.tocSubSubSection).text($context[level-1]);
-                            break;
-                    }
-                }
-            }
-        }
-    });
-
-    /*
-        Simple TOC manager (must be improved)
-        */
-    var TOC = function() {
-
-        this.root = $("<ul/>", {"class":"toc"});
-
-
-        /**
-         * Tranform a path listing [0,0,1]
-         * into a title like "1.2".
-         *
-         * indexes go from 0 to 1 based counting and the
-         * first one doesn't count.
-         */
-        var list_to_listing = function(a){
-         var title = [];
-         for(var i=1;i<a.length;i++)  {
-            title.push(a[i] + 1);
-         }
-         return title.join(".");
-        }
-
-        /*
-            Push new item in the TOC
-
-            depth is the level (e.g. 1 for h1, 2 for h2, etc.)
-            title is the toc-item title
-            slide is the slide that provides the toc-element
-            */
-        this.push = function(depth,title,slide) {
-            inc(depth);
-            /* Create toc element */
-            var $tocElm = $("<li />", {
-                id: "toc-"+($c.join('-'))
-            }).data({ // keep track of the slide in case...
-                slide: slide,
-                title: title
-            }).append($("<a />", { // create an hyperlink
-                href: "#"+$(slide).attr('id'),
-                html: "<span>" + list_to_listing($c) + "</span> " + title
-            })).append($("<ul />"));
-
-            /* insert it at the right place */
-            var $target = this.root;
-            if( depth > 1) {
-                $target = ($target.find("li#toc-"+($c.slice(0,$c.length-1).join('-')))).children("ul");
-            }
-            $tocElm.appendTo($target);
-        };
-
-        /*
-            Tag the slide with the current TOC level.
-
-            slide is the slide to tag
-            */
-        this.tag = function(slide) {
-            slide.data({
-                toc: $c.slice(0)
-            });
-        }
-
-        /*
-            Get the current TOC context
-
-            path is the current path in the TOC
-            */
-        this.context = function(path) {
-            $context = new Array();
-            var $target = this.root;
-            for(var depth=0; depth<path.length; depth++) {
-                var tocElm = $target.find("li#toc-"+(path.slice(0,depth+1).join('-')))
-                $context.push(tocElm.data('title'));
-                $target = (tocElm).children("ul");
-            }
-
-            return $context;
-        }
-
-        /* cursor */
-        var $c = [-1];
-        function inc(depth) {
-            var current_depth = $c.length;
-            if(depth>current_depth) {
-                for(i=current_depth;i<depth;i++) {
-                    $c.push(0);
-                }
-            } else if( current_depth>depth) {
-                for(i=depth;i<current_depth;i++) {
-                    $c.pop();
-                    $c[depth-1]++
-                }
-            } else {
-                $c[depth-1]++
-            }
-        }
-    }
-
-})(jQuery, 'deck');
-/*!
-Deck JS - deck.split
-Copyright (c) 2012 Qingping Hou <dave2008713@gmail.com>
-                   about.houqp.me
-Dual licensed under the MIT license and GPL license.
-https://github.com/imakewebthings/deck.js/blob/master/MIT-license.txt
-https://github.com/imakewebthings/deck.js/blob/master/GPL-license.txt
-*/
-
-/*
-This module splits a long slide into multiple slides.
-*/
-(function($, deck, undefined) {
-	var $d = $(document);
-
-	createEmptySlide = function(title_el) {
-		slide = $(document.createElement('section'));
-		slide.addClass('slide').append(title_el.clone());
-		return slide;
-	};
-
-	$d.bind('deck.beforeInit', function() {
-		$(".slide").each( function(i, slide) {
-			/* each slide */
-			var is_split = false,
-			prev_slide = $(slide),
-			/* extract title which will be added to each new slides */
-			title_el = prev_slide.children('h2'),
-			tmp_slide = createEmptySlide(title_el);
-
-			$(slide).children().each(function() {
-				/* for each element inside original slide */
-				var el = $(this);
-
-				if (el.css('page-break-after') == 'always') {
-					if (is_split) {
-						tmp_slide.insertAfter(prev_slide);
-						prev_slide = tmp_slide;
-						tmp_slide = createEmptySlide(title_el);
-					}
-					else {
-						/* find the first page break */
-						is_split = true;
-					}
-				}
-				else {
-					if (is_split) {
-						tmp_slide.append(el);
-					}
-				}
-			})
-			/* add remaining elements to a new slides */
-			if (is_split) {
-				tmp_slide.insertAfter(prev_slide);
-			}
-		});
-	})
-})(jQuery, 'deck');
-
-/*!
-
-Copyright (c) 2012 Simeon Franklin
-MIT license
-*/
-
-/*
-This module provides a popup menu listing the shortcut key.
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    $.deck.defaults.keys.helpKeycode = 72; // 'h'
-    $d.bind('deck.init', function() {
-       var help_text = $("<div id='help-text' style='display:none;'><dl>" +
-                     "<dt>&rarr; or space</dt><dd>Advance to the next slide</dd>" +
-                     "<dt>t</dt><dd>Open Table of Contents</dd>" +
-                     "<dt>g</dt><dd>Navigate to # slide.</dd>" +
-                     "<dt>h</dt><dd>Show/Hide this help content</dd>" +
-                     "<dt>m</dt><dd>Preview Slides</dd>" +
-                     "<dt>s</dt><dd>Show/Hide sidebar</dd>" +
-                     "</dl></div>");
-       $("body").prepend(help_text);
-       var $help_text = $("#help-text");
-       $d.bind('keydown.help', function(event) {
-          var opts = $['deck']('getOptions');
-          if (event.which === opts.keys.helpKeycode) {
-              $help_text.toggle();
-          }
-          else{
-              $help_text.hide();
-          }
-       });
-    });
-})(jQuery, 'deck');
-/*!
-
-Copyright (c) 2012 Simeon Franklin
-MIT license
-*/
-
-/*
-This module provides a breadcrumb menu listing the parent
-slides. Requires extra classes put on slides (slide0), subslides
-(slide1), subsubslides (slide2).
-
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    $d.bind('deck.init', function() {
-       var bread = $("<div id='breadcrumb'></div>");
-       $("body").prepend(bread);
-       var $bread = $("#breadcrumb");
-       var opts = $[deck]('getOptions');
-       var updateCurrent = function(evt, from, to){
-           var $slide = $[deck]('getSlide', to);
-           // only three levels supported
-           if($slide.hasClass('slide2')){
-               var $slide1 = $slide.prevAll('.slide1').eq(0);
-               var $slide0 = $slide.prevAll('.slide0').eq(0);
-               $bread.html("<h2><a href='#" + $slide0.attr('id') + "'>" + $.trim($slide0.find('h2:first').text()) +
-                           "</a> &rsaquo;&rsaquo; <a href='#" + $slide1.attr('id') + " '>" +
-                           $.trim($slide1.find('h2:first').text()) + "</a></h2>");
-
-           }else if($slide.hasClass('slide1')){
-               var $slide0 = $slide.prevAll('.slide0').eq(0);
-               $bread.html("<h2><a href='#" + $slide0.attr('id') + "'>" +
-                           $.trim($slide0.find('h2:first').text()) + "</a></h2>");
-           }else{
-               $bread.html("");
-           }
-       };
-       $d.bind('deck.change', updateCurrent);
-    })
-})(jQuery, 'deck');
-/*
-
-  This module makes sure that switching to a new slide always scrolls
-  to the top.
-
-  It also checks body/slide height - for tall slides set overflow to scroll,
-  for short slides hide scrollbars
-
-  Currently in deck.js presentations with long slides, switching from
-  one slide scrolled down the page to the next slide doesn't change
-  the position of the scroll bar.
-
-
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    $d.bind('deck.init', function() {
-       var scrollup = function(evt, from, to){
-           $(document).scrollTop(0);
-       };
-       var $body = $('body');
-       var $html = $('html');
-       var height_check = function(evt, from, to){
-           if(to > 0){
-               var slide = $('#slide-' + to);
-           }else{
-               var slide = $('#title-slide');
-           }
-           if(slide.height() > $body.height()){
-               $html.css({'overflow': 'auto', 'overflow-x':'hidden'});
-           }else{
-               $html.css('overflow', 'hidden');
-           }
-       }
-       $d.bind('deck.change', scrollup);
-       $d.bind('deck.change', height_check);
-    })
-})(jQuery, 'deck');
-/*!
-
-Copyright (c) 2012 Simeon Franklin
-MIT license
-*/
-
-/*
-
-  Enables anchor targets to sections:
-
-  <a href="#Some_Section">Some Section</a>
-
-
-
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    $d.bind('deck.init', function() {
-        var $links = $('a[href^="#"]').not('a[href^="#slide-"]').not('a[href="#title-slide"]');
-        var $h2s = $("h2");
-        $h2s.each(function(){
-                $(this).attr('id', $.trim($(this).text()).replace(" ", "_"));
-            });
-        $links.click(function(e){
-                var title = $(this).attr('href').replace(" ", "_");
-                var page = $(title).parents('section').attr('id');
-                $.deck('go', page);
-                e.preventDefault();
-            });
-        });
-})(jQuery, 'deck');
-/*!
-
-Copyright (c) 2012 Simeon Franklin
-MIT license
-*/
-
-/*
-
-If there's a span.slidetheme in an h2 then add the .slidetheme to the
-enclosing section
-
-*/
-
-(function($, deck, undefined) {
-    var $d = $(document);
-    $d.bind('deck.init', function() {
-        $("h2 span").each(function(){
-            var cls = $(this).attr('class');
-            $(this).parents("section").addClass(cls);
-        });
-        // copy alt to title for all img tags
-        $("img").each(function(){
-            var $this = $(this);
-            $this.attr('title', $this.attr('alt'));
-        });
-        // any img-slide need to have first img scaled to window
-        $("section.image-slide").each(function(){
-            var $img = $(this).find('img:first');
-            $(this).css('background-image', 'url("' + $img.prop('src') + '")');
-            $img.hide();
-        });
-
-    })
-})(jQuery, 'deck');
-
-/*]]>*/
-</script>
-
-</head>
-<body class="deck-container">
-<section class="slide" id="title-slide">
-        <h1>Secure Application Storage</h1>
-</section>
-<!--preamble: Added this to open the first, empty slide section-->
-<section class="preamble">
-<p>Objective: By the end of this module, you will be able<br>
-protect data saved on the file system and understand what to persist.</p>
-<p></p>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Review Questions</h2>
-<ol>
-<li>
-<p>
-Name three of the primary APIs for persisting data in Android.
-</p>
-</li>
-<li>
-<p>
-Why is it a bad idea hard-code secret keys in your application code?
-</p>
-</li>
-<li>
-<p>
-What is the preferred method of generating a unique ID for your application user?
-</p>
-</li>
-<li>
-<p>
-what is the one type of persisted data that cannot be (directly) encrypted?
-</p>
-</li>
-<li>
-<p>
-What is the name of the package that provides encryption for SQLite?
-</p>
-</li>
-<li>
-<p>
-What is the primary advantage of the accounts framework?
-</p>
-</li>
-<li>
-<p>
-Is password-based encryption symmetric or asymmetric? What does that mean?
-</p>
-</li>
-<li>
-<p>
-What is the difference between the system KeyChain and the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-When is it safe to persist an encryption key in the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-How do we check if the device supports this?
-</p>
-</li>
-</ol>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Storage</h2>
-<ul>
-<li>
-Improper storage of data is a simple problem to resolve, if handled from the start
-</li>
-<li>
-Mobile devices are different than traditional computing systems
-<ul>
-<li>
-Physical device access is <strong>easy</strong> to achieve
-</li>
-<li>
-Once physical access is available, device can be rooted, flashed, etc.
-</li>
-</ul>
-</li>
-<li>
-You <em>must</em> assume that once data is <strong>stored</strong> on the device it is vulnerable!
-<ul>
-<li>
-For typical users, this is usually not a problem
-</li>
-<li>
-Malicious users are <strong>not</strong> typical users!
-<ul>
-<li>
-Once a device has been rooted, re-ROM&#8217;d, etc. the malicious user can read/write anywhere they want
-<p><em>The question to ask: what does my app really need to store?</em></p>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li>
-The general rule of thumb: store only what you <em>absolutely require</em>
-<ul>
-<li>
-This can mean many things: tokens/keys to access APIs, user credentials, authentication tokens
-</li>
-<li>
-It boils down to propery managing sensitive data
-</li>
-</ul>
-</li>
-<li>
-If you must store sensitive data, have a plan to do so in a way with minimized risk
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Storage APIs</h2>
-<ul>
-<li>
-File access
-<ul>
-<li>
-<span class="monospaced">Context</span> provides a number of helper APIs
-<ul>
-<li>
-<span class="monospaced">Context.openFileInput()</span> opens a private file for reading
-</li>
-<li>
-<span class="monospaced">Context.openFileOutput()</span> opens a private file for writing
-</li>
-<li>
-Private files are tied to the app package, located in its private sandbox
-</li>
-<li>
-There are additional APIs for cache files
-</li>
-<li>
-"External storage" is also available, with a package private area
-</li>
-</ul>
-</li>
-<li>
-Standard Java <span class="monospaced">File</span> class and related APIs available
-<ul>
-<li>
-<span class="monospaced">Context</span> provides APIs to help get package private paths (<span class="monospaced">getDir()</span>, <span class="monospaced">getCacheDir()</span>, <span class="monospaced">getExternalCacheDir()</span>, <span class="monospaced">getExternalFilesDir()</span>, <span class="monospaced">getFilesDir()</span>)
-</li>
-<li>
-Apps should not assume any specific filesystem paths or mount points
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li>
-Opaque Binary Blobs (OBB)
-<ul>
-<li>
-App specific file container
-</li>
-<li>
-Can be encrypted
-</li>
-<li>
-App manages the download / mount of the containers
-</li>
-<li>
-Useful for large data sets (graphics, assets)
-</li>
-<li>
-Use <span class="monospaced">StorageManager</span> to mount then access
-</li>
-<li>
-Cannot <strong>create</strong> new OBBs on the device, just access existing ones
-</li>
-</ul>
-</li>
-<li>
-<span class="monospaced">SharedPreferences</span>
-<ul>
-<li>
-File backed storage of key-value pair data
-<ul>
-<li>
-Keys are <span class="monospaced">String</span> objects, values can be primitives, <span class="monospaced">String</span> or <span class="monospaced">Set&lt;String&gt;</span>
-</li>
-</ul>
-</li>
-<li>
-App controls what data is stored and meaning
-</li>
-<li>
-Default for the app is tied to the package name
-<ul>
-<li>
-Default name can be overridden
-</li>
-<li>
-Can use multiple <span class="monospaced">SharedPreferences</span> for the same app
-</li>
-</ul>
-</li>
-<li>
-Data is not encrypted, simple string based lookup
-</li>
-<li>
-Can be used by multiple threads (clients), modifications go through <span class="monospaced">SharedPreferences.Editor</span>
-</li>
-<li>
-Does not support multi-process access
-</li>
-</ul>
-</li>
-<li>
-SQLite Databases
-<ul>
-<li>
-SQLite databases can be used for app specific storage
-<ul>
-<li>
-Accessible to any component in your app, but (generally) not outside your app
-</li>
-<li>
-Backed by private file within the sandbox
-</li>
-</ul>
-</li>
-<li>
-Recommended use is via <span class="monospaced">SQLiteOpenHelper</span> class to help manage creation, updates
-<ul>
-<li>
-Use <span class="monospaced">SQLiteOpenHelper.getWriteableDatabase()</span> and <span class="monospaced">SQLiteOpenHelper.getReadableDatabase()</span> to get a <span class="monospaced">SQLiteDatabase</span> object to call <span class="monospaced">query()</span>, etc. against
-</li>
-<li>
-<span class="monospaced">query()</span> calls return <span class="monospaced">Cursor</span> objects which points to the rows found by the query
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">User Authentication</h2>
-<ul>
-<li>
-User authentication is used for access to user specific data in the app
-</li>
-<li>
-Best Practices for storage depends on app and credentials
-<ul>
-<li>
-BP#1: Certificate/key based credentials
-<ul>
-<li>
-Leverage Android&#8217;s credential storage to securely track
-<ul>
-<li>
-See <a href="http://developer.android.com/reference/android/security/KeyChain.html" target="_blank"><span class="monospaced">KeyChain</span></a>
-and <a href="https://developer.android.com/training/articles/keystore.html" target="_blank"><span class="monospaced">AndroidKeyStore</span></a> provider
-with <a href="http://developer.android.com/reference/java/security/KeyStore.html" target="_blank"><span class="monospaced">KeyStore</span></a> (Android 4.3 and newer)
-</li>
-</ul>
-</li>
-<li>
-<em>DO NOT</em> assume filesystem sandbox is enough
-</li>
-<li>
-Still can be vulnerable to attacks if device compromised
-</li>
-</ul>
-</li>
-<li>
-BP#2: User account credentials
-<ul>
-<li>
-Users have numerous accounts for different service (Google, PayPal, Facebook, etc.)
-</li>
-<li>
-Leverage <a href="https://developer.android.com/reference/android/accounts/AccountManager.html" target="_blank"><span class="monospaced">AccountManager</span></a>
-for storage of accounts and accessing accounts
-<ul>
-<li>
-<span class="monospaced">AccountManager</span> uses plugabble architecture for authenticators
-</li>
-<li>
-Using an existing account, apps can request authentication token for use in requests
-</li>
-</ul>
-</li>
-<li>
-<em>DO NOT</em> assume filesystem sandbox is enough and store in cleartext
-</li>
-</ul>
-</li>
-<li>
-BP#3: Use WebView and Session Tokens
-<ul>
-<li>
-Present the user with web page for login
-</li>
-<li>
-<em>DO NOT</em> store the user credentials at all
-</li>
-<li>
-The web interface presents a redirect with session token on success (e.g. <a href="http://en.wikipedia.org/wiki/OAuth" target="_blank">OAuth 2.0</a>)
-</li>
-<li>
-Keep the session token for subsequent requests
-</li>
-<li>
-Session key can be stored, but carefully do so
-</li>
-<li>
-This relies on the <em>server</em> to properly handle credentials, expire and rotate tokens correctly
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Session Identifiers</h2>
-<ul>
-<li>
-Many network services (Google, Facebook, Instagram, etc.) use session or token based identifiers for access
-</li>
-<li>
-These can be stored on the device, carefully
-<ul>
-<li>
-Be sure to store them in a way so an attacker cannot determine how it is used
-</li>
-</ul>
-</li>
-<li>
-Servers should have reasonable expiration times for session IDs
-<ul>
-<li>
-Some server implementations may issue new session IDs to replace old ones frequently
-</li>
-</ul>
-</li>
-<li>
-Android&#8217;s <span class="monospaced">AccountManager</span> can be leveraged with 3rd party authenticators to help with auth tokens or sessions
-<ul>
-<li>
-It is up <em>to the app</em> to notify the <span class="monospaced">AccountManager</span> if a token is no longer valid
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Hardcoded Tokens and Keys</h2>
-<ul>
-<li>
-Best practice is to <strong>not</strong> use hardcoded values in code
-<ul>
-<li>
-Java (including Dalvik DEX) can be disassembled <a href="http://dedexer.sourceforge.net/" target="_blank"><em>very easily</em></a>
-</li>
-<li>
-Reverse engineering can discover hardcoded values relatively easily
-</li>
-<li>
-This is <em>particularly bad for encryption of data</em>
-</li>
-<li>
-Best Practice: hash a random salt plus and password to create a key (with numerous iterations), store the salt and hash
-</li>
-</ul>
-</li>
-<li>
-Some cloud services require an app authentication token
-<ul>
-<li>
-You have no choice but to store or hard code
-</li>
-<li>
-Best practice: ensure the server only uses this to "authenticate" the app, not the user
-</li>
-<li>
-Best practice on the server: only allow a limited subset of functionality via the app (e.g. no account delete or other more volatile ops)
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Unique Identifiers</h2>
-<ul>
-<li>
-Use of unique IDs is common for apps to track users or installs
-<ul>
-<li>
-Typically used for analytics, ads, etc.
-</li>
-</ul>
-</li>
-<li>
-A common practice uses <span class="monospaced">TelephonyManager.getDeviceId()</span>
-<ul>
-<li>
-<em>DO NOT</em> do this!  There are better ways.
-</li>
-<li>
-It requires the permission <span class="monospaced">READ_PHONE_STATE</span> which can set up a red flag to users
-</li>
-<li>
-It is not reliable.  Some devices do not report unique IDs or change IDs after factory reset
-</li>
-</ul>
-</li>
-<li>
-Best Practice: for non-physical device tracking use
-<a href="https://developer.android.com/reference/java/util/UUID.html#randomUUID()" target="_blank"><span class="monospaced">UUID.randomUUID()</span></a>
-<ul>
-<li>
-If you must track physical devices, use
-<a href="https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID" target="_blank"><span class="monospaced">Settings.Secure.ANDROID_ID</span></a>
-<ul>
-<li>
-This is a 64 bit value created and stored when the device first boots.  It is wiped at factory reset.
-</li>
-<li>
-The downside to this is it is unreliable before Android 2.3 (Gingerbread) due to <span class="monospaced">SecureRandom</span>
-used to create <span class="monospaced">ANDROID_ID</span> being <a href="https://code.google.com/p/android/issues/detail?id=10639" target="_blank">seeded incorrectly</a>.
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li>
-See this <a href="http://android-developers.blogspot.com/2011/03/identifying-app-installations.html" target="_blank">Google Developer Blog</a> for more details
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Storing sensitive data</h2>
-<ul>
-<li>
-Sometimes, you just have to do it: save your app&#8217;s (or user&#8217;s) sensitive data
-</li>
-<li>
-As we have seen, there are multiple ways of storing data, so how do you protect it?
-</li>
-<li>
-It depends on the storage type
-</li>
-</ul>
-<table class="tableblock frame-topbot grid-all"
-style="
-width:75%;
-">
-<col style="width:25%;">
-<col style="width:25%;">
-<col style="width:25%;">
-<col style="width:25%;">
-<thead>
-<tr>
-<th class="tableblock halign-left valign-top" > Storage Type      </th>
-<th class="tableblock halign-left valign-top" > Private to App? </th>
-<th class="tableblock halign-left valign-top" > Can be made public? </th>
-<th class="tableblock halign-left valign-top" > Encryptable?</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Files</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">OBB</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">SharedPreferences</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">No</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">SQLite database</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>*</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>**</sup></p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes<sup>+</sup></p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">ContentProvider</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Can be</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-<td class="tableblock halign-left valign-top" ><p class="tableblock">Yes</p></td>
-</tr>
-</tbody>
-</table>
-<p><sup>*</sup> The default setting is to be private, this can be overridden</p>
-<p><sup>**</sup> Making the database public can be done via file permissions or by exposing via <span class="monospaced">ContentProvider</span></p>
-<p><sup>+</sup> SQLite databases can be encrypted using 3rd party libraries</p>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>File Usage</h2>
-<ul>
-<li>
-Regular file usage is simple, well understood and fairly robust
-</li>
-<li>
-<span class="monospaced">SharedPreferences</span> are backed by files, so the same concepts apply (except for encryption)
-</li>
-<li>
-<em>Inherently insecure at runtime or if device physically compromised</em>
-<ul>
-<li>
-Data is "raw" or in the clear
-</li>
-<li>
-App sandbox works for basic protection
-<ul>
-<li>
-Easy to override
-</li>
-</ul>
-</li>
-<li>
-External storage can present issues, if removable
-</li>
-</ul>
-</li>
-<li>
-For simple data (not critical if exposed), basic <span class="monospaced">File</span> access is ok
-</li>
-<li>
-Best Practice for sensitive data: use encryption (file only, not <span class="monospaced">SharedPreferences</span>) with user provided password
-<ul>
-<li>
-No "encrypt file" direct API available, but <span class="monospaced">javax.crypto</span> package can be used
-<ul>
-<li>
-Use a <a href="http://developer.android.com/reference/javax/crypto/Cipher.html" target="_blank"><span class="monospaced">Cipher</span></a> initilized for AES/CBC/PKCS5Padding,
-create an initialization vector (IV) using <a href="http://developer.android.com/reference/java/security/SecureRandom.html" target="_blank"><span class="monospaced">SecureRandom</span></a>,
-save the raw IV at the start of the file, then use
-<a href="http://developer.android.com/reference/javax/crypto/CipherOutputStream.html" target="_blank"><span class="monospaced">CipherOutputStream</span></a> to write
-the encrypted data to the file.  Use the password to <em>derive</em> a key (don&#8217;t store the password!) using PBKDF2.
-</li>
-<li>
-To ensure integrity of the crypted file, create a secure checksum with MAC or HMAC (i.e. SHA-1)
-</li>
-<li>
-Obviously, this is not simple, can be prone to error
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>SQLite Databases</h2>
-<ul>
-<li>
-SQLite databases are used frequently in Android
-</li>
-<li>
-Each database is backed by a file
-</li>
-<li>
-<em>Inherently insecure at runtime or if device physically compromised</em>
-<ul>
-<li>
-App sandbox works for basic protection
-</li>
-<li>
-Easy to override
-</li>
-</ul>
-</li>
-<li>
-For simple data (i.e. no user details, password hashes, etc.) basic usage is ok
-</li>
-<li>
-Best Practice for permissions: don&#8217;t override sandbox settings
-</li>
-<li>
-Best Practice for location: don&#8217;t use external (removable) storage
-</li>
-<li>
-Best Practice for sensitive data: use encryption (SQLCipher)
-</li>
-</ul>
-<div class="sect3">
-<h4 id="_sqlcipher">SQLCipher</h4>
-<ul>
-<li>
-Crypto library for SQLite databases, made by <a href="http://sqlcipher.net" target="_blank">Zetetic LLC</a>
-</li>
-<li>
-Encrypts 100% of the database, with a small amount of performance overhead (claims 5-15% overhead)
-</li>
-<li>
-Utilizes industry standard crypto libraries from OpenSSL, utlizes 256-bit AES encryption
-<ul>
-<li>
-Encryption keys can be derived from a passphrase or using raw binary key data
-</li>
-<li>
-Key derivation is done using a 16 byte secure random salt (OpenSSL&#8217;s RAND_bytes)
-</li>
-<li>
-Each "page" in the database is encrypted separately
-</li>
-</ul>
-</li>
-<li>
-Multi-platform and language support: Android, Linux, Mac OSX, iOS, and Windows with C/C++, Java, .NET, Ruby, PHP, Python
-</li>
-<li>
-Has both an open source (Community Edition) and commercial licensed versions
-<ul>
-<li>
-Community Edition is available via BSD-style license
-</li>
-<li>
-Android Community Edition binaries are available free of charge at <a href="https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip" target="_blank">https://s3.amazonaws.com/sqlcipher/SQLCipher+for+Android+v3.1.0.zip</a>
-</li>
-</ul>
-</li>
-<li>
-Basic Android walk-thru instructions (assumes Eclipse/ADT, not Android Studio) available <a href="http://sqlcipher.net/sqlcipher-for-android/" target="_blank">here</a>
-<ul>
-<li>
-In code, the major change is the import and use of <span class="monospaced">net.sqlite.database.SQLiteDatabase</span> rather than <span class="monospaced">android.database.sqlite.SQLiteDatabase</span>
-<div class="listingblock">
-<div class="title">Sample SQLCipher Integration:</div>
-<div class="content"><div class="highlight"><pre><span></span><span class="kn">package</span> <span class="nn">com.example.android.sqlsecure</span><span class="o">;</span>
-
-<span class="kn">import</span> <span class="nn">net.sqlcipher.database.SQLiteDatabase</span><span class="o">;</span>
-<span class="err">…</span>
-
-<span class="kd">public</span> <span class="kd">class</span> <span class="nc">SecureDbActivity</span> <span class="kd">extends</span> <span class="n">Activity</span> <span class="o">{</span>
-    <span class="err">…</span>
-    <span class="kd">private</span> <span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span>  <span class="n">SECURE_DB_NAME</span> <span class="o">=</span> <span class="s">&quot;demo_secure.db&quot;</span><span class="o">;</span>
-
-    <span class="kd">private</span> <span class="n">File</span>            <span class="n">mDbFile</span><span class="o">;</span>
-    <span class="kd">private</span> <span class="n">SQLiteDatabase</span>  <span class="n">mDb</span><span class="o">;</span>
-    <span class="err">…</span>
-
-    <span class="nd">@Override</span>
-    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">onCreate</span><span class="o">(</span><span class="n">Bundle</span> <span class="n">savedInstanceState</span><span class="o">)</span> <span class="o">{</span>
-        <span class="kd">super</span><span class="o">.</span><span class="na">onCreate</span><span class="o">(</span><span class="n">savedInstanceState</span><span class="o">);</span>
-        <span class="n">setContentView</span><span class="o">(</span><span class="n">R</span><span class="o">.</span><span class="na">layout</span><span class="o">.</span><span class="na">secure_db_layout</span><span class="o">);</span>
-        <span class="err">…</span>
-
-        <span class="c1">// Init SQLCipher *before* we make any SQLite calls</span>
-        <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">loadLibs</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-        <span class="n">mDbFile</span> <span class="o">=</span> <span class="n">getDatabasePath</span><span class="o">(</span><span class="n">SECURE_DB_NAME</span><span class="o">);</span>
-        <span class="n">mDb</span> <span class="o">=</span> <span class="n">SQLiteDatabase</span><span class="o">.</span><span class="na">openOrCreateDatabase</span><span class="o">(</span><span class="n">mDbFile</span><span class="o">,</span> <span class="s">&quot;myFakePw&quot;</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
-        <span class="err">…</span>
-    <span class="o">}</span>
-
-    <span class="err">…</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Remembering Users with Accounts</h2>
-<ul>
-<li>
-Given the potential dangers around applications leaking persisted data on the file system, one option for storing user credentials is the <a href="https://developer.android.com/reference/android/accounts/AccountManager.html" target="_blank">Accounts Framework</a>.
-</li>
-<li>
-Accounts allow the system to manage access to credentials and authorization tokens for web services.
-</li>
-<li>
-This presents two useful options to application developers:
-<ol>
-<li>
-<p>
-Use an existing account on the system (like the user&#8217;s Google account) rather than inventing your own.
-</p>
-</li>
-<li>
-<p>
-Add your own account authentication logic (via a custom <span class="monospaced">AccountAuthenticator</span>) to the framework to get the credentials storage out of the application space.
-</p>
-</li>
-</ol>
-</li>
-<li>
-The following is an example of how an application can use the <span class="monospaced">AccountManager</span> service to authenticate a user using their Google account:
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">The following method will work for accounts from any active service (e.g. Twitter, Facebook, Microsoft Exchange) that use the accounts framework. For Google accounts specifically, <a href="http://developer.android.com/google/auth/http-auth.html" target="_blank">Google Play Services</a> now provides a much simpler API.</td>
-</tr></table>
-</div>
-<ol>
-<li>
-<p>
-Accessing the accounts framework requires two permissions:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.GET_ACCOUNTS&quot;</span> <span class="nt">/&gt;</span>
-<span class="nt">&lt;uses-permission</span> <span class="na">android:name=</span><span class="s">&quot;android.permission.USE_CREDENTIALS&quot;</span> <span class="nt">/&gt;</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-You can ask the user to choose a Google account for authentication:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
-
-<span class="kd">private</span> <span class="kt">void</span> <span class="nf">pickUserAccount</span><span class="o">()</span> <span class="o">{</span>
-    <span class="n">String</span><span class="o">[]</span> <span class="n">accountTypes</span> <span class="o">=</span> <span class="k">new</span> <span class="n">String</span><span class="o">[]{</span><span class="s">&quot;com.google&quot;</span><span class="o">};</span>
-    <span class="n">Intent</span> <span class="n">intent</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">newChooseAccountIntent</span><span class="o">(</span>
-            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// Currently selected account</span>
-            <span class="kc">null</span><span class="o">,</span>          <span class="c1">// List of allowed accounts</span>
-            <span class="n">accountTypes</span><span class="o">,</span>  <span class="c1">// Allowed account types</span>
-            <span class="kc">true</span><span class="o">,</span>          <span class="c1">// Show the picker UI</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">,</span>
-            <span class="kc">null</span><span class="o">);</span>
-    <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">intent</span><span class="o">,</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">);</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Determine the name of the account they chose, then find the <span class="monospaced">Account</span> object that matches the selected name from the <span class="monospaced">AccountManager</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="nd">@Override</span>
-<span class="kd">protected</span> <span class="kt">void</span> <span class="nf">onActivityResult</span><span class="o">(</span><span class="kt">int</span> <span class="n">requestCode</span><span class="o">,</span> <span class="kt">int</span> <span class="n">resultCode</span><span class="o">,</span>
-        <span class="n">Intent</span> <span class="n">data</span><span class="o">)</span> <span class="o">{</span>
-    <span class="k">if</span> <span class="o">(</span><span class="n">requestCode</span> <span class="o">==</span> <span class="n">REQUEST_CODE_PICK_ACCOUNT</span><span class="o">)</span> <span class="o">{</span>
-        <span class="c1">// Receiving a result from the AccountPicker</span>
-        <span class="k">if</span> <span class="o">(</span><span class="n">resultCode</span> <span class="o">==</span> <span class="n">RESULT_OK</span><span class="o">)</span> <span class="o">{</span>
-            <span class="n">String</span> <span class="n">accountName</span> <span class="o">=</span>
-                    <span class="n">data</span><span class="o">.</span><span class="na">getStringExtra</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_ACCOUNT_NAME</span><span class="o">);</span>
-
-            <span class="c1">//Find the matching account for the selected name</span>
-            <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-            <span class="n">Account</span><span class="o">[]</span> <span class="n">accounts</span> <span class="o">=</span>
-                    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAccountsByType</span><span class="o">(</span><span class="s">&quot;com.google&quot;</span><span class="o">);</span>
-            <span class="k">for</span> <span class="o">(</span><span class="n">Account</span> <span class="n">account</span> <span class="o">:</span> <span class="n">accounts</span><span class="o">)</span> <span class="o">{</span>
-                <span class="k">if</span> <span class="o">(</span><span class="n">account</span><span class="o">.</span><span class="na">name</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">accountName</span><span class="o">))</span> <span class="o">{</span>
-                    <span class="c1">//Found a match, get an authentication token</span>
-                    <span class="n">getToken</span><span class="o">(</span><span class="n">account</span><span class="o">);</span>
-                    <span class="k">break</span><span class="o">;</span>
-                <span class="o">}</span>
-            <span class="o">}</span>
-        <span class="o">}</span>
-    <span class="o">}</span>
-    <span class="err">…</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Using <span class="monospaced">AccountManager.getAuthToken()</span>, we can ask the accounts framework to asynchronously authorize the user:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">static</span> <span class="kd">final</span> <span class="n">String</span> <span class="n">SCOPE</span> <span class="o">=</span>
-        <span class="s">&quot;oauth2:https://www.googleapis.com/auth/userinfo.profile&quot;</span><span class="o">;</span>
-<span class="kd">static</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">REQUEST_CODE_AUTHORIZE</span> <span class="o">=</span> <span class="mi">1001</span><span class="o">;</span>
-
-<span class="kd">public</span> <span class="kt">void</span> <span class="nf">getToken</span><span class="o">(</span><span class="n">Account</span> <span class="n">selectedAccount</span><span class="o">)</span> <span class="o">{</span>
-    <span class="n">AccountManager</span> <span class="n">accountManager</span> <span class="o">=</span> <span class="n">AccountManager</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="k">this</span><span class="o">);</span>
-    <span class="n">accountManager</span><span class="o">.</span><span class="na">getAuthToken</span><span class="o">(</span>
-            <span class="n">selectedAccount</span><span class="o">,</span>  <span class="c1">// Selected account</span>
-            <span class="n">SCOPE</span><span class="o">,</span>            <span class="c1">// Auth scope</span>
-            <span class="kc">null</span><span class="o">,</span>             <span class="c1">// Auth options</span>
-            <span class="k">this</span><span class="o">,</span>             <span class="c1">// Host activity for auth UI</span>
-            <span class="n">mCallback</span><span class="o">,</span>        <span class="c1">// Auth token callback</span>
-            <span class="kc">null</span><span class="o">);</span>
-<span class="o">}</span>
-
-<span class="c1">//Callback to handle auth token request results</span>
-<span class="kd">private</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">mCallback</span> <span class="o">=</span>
-        <span class="k">new</span> <span class="n">AccountManagerCallback</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;()</span> <span class="o">{</span>
-
-    <span class="nd">@Override</span>
-    <span class="kd">public</span> <span class="kt">void</span> <span class="nf">run</span><span class="o">(</span><span class="n">AccountManagerFuture</span><span class="o">&lt;</span><span class="n">Bundle</span><span class="o">&gt;</span> <span class="n">result</span><span class="o">)</span> <span class="o">{</span>
-        <span class="n">Bundle</span> <span class="n">bundle</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="na">getResult</span><span class="o">();</span>
-
-        <span class="n">Intent</span> <span class="n">authIntent</span> <span class="o">=</span> <span class="o">(</span><span class="n">Intent</span><span class="o">)</span> <span class="n">bundle</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_INTENT</span><span class="o">);</span>
-        <span class="k">if</span> <span class="o">(</span><span class="n">authIntent</span> <span class="o">!=</span> <span class="kc">null</span><span class="o">)</span> <span class="o">{</span>
-            <span class="c1">//Additional user authentication required first</span>
-            <span class="n">startActivityForResult</span><span class="o">(</span><span class="n">launch</span><span class="o">,</span> <span class="n">REQUEST_CODE_AUTHORIZE</span><span class="o">);</span>
-        <span class="o">}</span> <span class="k">else</span> <span class="o">{</span>
-            <span class="c1">//We are authenticated with the service</span>
-            <span class="n">String</span> <span class="n">token</span> <span class="o">=</span> <span class="n">bundle</span><span class="o">.</span><span class="na">getString</span><span class="o">(</span><span class="n">AccountManager</span><span class="o">.</span><span class="na">KEY_AUTHTOKEN</span><span class="o">);</span>
-
-            <span class="c1">//…Use this token to access web services…</span>
-        <span class="o">}</span>
-    <span class="o">}</span>
-<span class="o">};</span>
-</pre></div></div></div>
-<ul>
-<li>
-If the registered <span class="monospaced">AccountAuthenticator</span> needs the user to enter additional information, this will return an activity <span class="monospaced">Intent</span> you need to launch.
-</li>
-<li>
-Otherwise, the token will be returned in the callback <span class="monospaced">Bundle</span>.
-</li>
-</ul>
-</li>
-<li>
-<p>
-You can now use this token to access this service&#8217;s APIs, or your own.
-</p>
-</li>
-</ol>
-</li>
-</ul>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Encryption</h2>
-<ul>
-<li>
-Enhanced privacy and integrity of data (beyond the application sandbox) can be achieved using encryption
-</li>
-<li>
-On-device data encryption is usually done via Java Cryptography Extension (JCE)
-</li>
-<li>
-The <em>key</em> to secure on-device encryption is not storing the decryption keys on the file system
-<ul>
-<li>
-If the file system is compromised (e.g. rooted) the keys are just as easy to obtain as the data
-</li>
-</ul>
-</li>
-<li>
-The chosen method of encryption should rely on information that cannot be obtained by dumping <span class="monospaced">/data</span>
-</li>
-<li>
-The workhorse of encryption/decryption is the <a href="https://developer.android.com/reference/javax/crypto/Cipher.html" target="_blank"><span class="monospaced">Cipher</span></a>:
-<ul>
-<li>
-To encrypt to a byte array:
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-To decrypt the same byte array:
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// read encrypted buffer from somewhere</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ul>
-</li>
-<li>
-To avoid keeping large blocks of data in memory, there&#8217;s <span class="monospaced">CipherInputStream</span> and <span class="monospaced">CipherOutputStream</span>:
-<ul>
-<li>
-To encrypt to a file/stream:
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="c1">// derived key for chosen algorithm</span>
-<span class="n">OutputStream</span> <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">FileOutputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
-<span class="k">try</span> <span class="o">{</span>
-    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-    <span class="n">out</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherOutputStream</span><span class="o">(</span><span class="n">out</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">write</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">flush</span><span class="o">();</span>
-<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
-    <span class="n">out</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-<li>
-To decrypt the same file/stream:
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">InputStream</span> <span class="n">in</span> <span class="o">=</span>  <span class="k">new</span> <span class="n">FileInputStream</span><span class="o">(</span><span class="s">&quot;some-file&quot;</span><span class="o">);</span>
-<span class="k">try</span> <span class="o">{</span>
-    <span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-    <span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">);</span>
-    <span class="n">in</span> <span class="o">=</span> <span class="k">new</span> <span class="n">CipherInputStream</span><span class="o">(</span><span class="n">in</span><span class="o">,</span> <span class="n">cipher</span><span class="o">);</span>
-    <span class="n">in</span><span class="o">.</span><span class="na">read</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span> <span class="c1">// do properly</span>
-<span class="o">}</span> <span class="k">finally</span> <span class="o">{</span>
-    <span class="n">in</span><span class="o">.</span><span class="na">close</span><span class="o">();</span>
-<span class="o">}</span>
-</pre></div></div></div>
-</li>
-</ul>
-</li>
-</ul>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>Password Based Encryption</h2>
-<ul>
-<li>
-One secure method for encrypting data is to rely on a user-entered password to derive the encryption key.
-</li>
-<li>
-This type of encryption pairs well with the <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard" target="_blank">Advanced Encryption Standard</a> (AES) cipher algorithm.
-</li>
-<li>
-AES is a <em>symmetric-key algorithm</em>, meaning it uses the same key to encrypt/decrypt data.
-</li>
-<li>
-Advantage: Key is not stored anywhere an attacker can search without "shoulder surfing"
-</li>
-<li>
-Disadvantage: Requires asking user for passcode repeatedly, or caching in memory (reducing the security factor).
-</li>
-<li>
-We can use the following steps to derive a password-based key:
-<ol>
-<li>
-<p>
-Android only supports the "PBKDF2WithHmacSHA1" key derivation algorithm, which requires a random <em>salt</em> to apply to the password (to reduce brute-force capabilities).
-</p>
-</li>
-<li>
-<p>
-The Cipher Block Chaining (CBC) mode is well-supported for AES on Android, which also requires a random <em>initialization vector</em> for encryption.
-</p>
-</li>
-<li>
-<p>
-We can generate all the necessary bits with the help of <a href="https://developer.android.com/reference/java/security/SecureRandom.html" target="_blank"><span class="monospaced">SecureRandom</span></a>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
-
-<span class="c1">// Do *not* seed secureRandom! Automatically seeded from system entropy.</span>
-<span class="n">SecureRandom</span> <span class="n">random</span> <span class="o">=</span> <span class="k">new</span> <span class="n">SecureRandom</span><span class="o">();</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="mi">32</span><span class="o">];</span>
-<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">cipher</span><span class="o">.</span><span class="na">getBlockSize</span><span class="o">()];</span>
-<span class="n">random</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">iv</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-The <em>salt</em> will be necessary to derive the <span class="monospaced">SecretKey</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">private</span> <span class="n">SecretKey</span> <span class="nf">generateSecretKey</span><span class="o">(</span><span class="kt">char</span><span class="o">[]</span> <span class="n">passphraseOrPin</span><span class="o">,</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span><span class="o">)</span>
-        <span class="kd">throws</span> <span class="n">NoSuchAlgorithmException</span><span class="o">,</span> <span class="n">InvalidKeySpecException</span> <span class="o">{</span>
-    <span class="c1">// Number of PBKDF2 hardening rounds to use. Larger values increase</span>
-    <span class="c1">// computation time. You should select a value that causes computation</span>
-    <span class="c1">// to take &gt;100ms.</span>
-    <span class="kd">final</span> <span class="kt">int</span> <span class="n">iterations</span> <span class="o">=</span> <span class="mi">1000</span><span class="o">;</span>
-
-    <span class="n">SecretKeyFactory</span> <span class="n">secretKeyFactory</span> <span class="o">=</span>
-            <span class="n">SecretKeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;PBKDF2WithHmacSHA1&quot;</span><span class="o">);</span>
-    <span class="n">KeySpec</span> <span class="n">keySpec</span> <span class="o">=</span>
-            <span class="k">new</span> <span class="n">PBEKeySpec</span><span class="o">(</span><span class="n">passphraseOrPin</span><span class="o">,</span> <span class="n">salt</span><span class="o">,</span> <span class="n">iterations</span><span class="o">,</span> <span class="n">KEY_LENGTH</span><span class="o">);</span>
-    <span class="kt">byte</span><span class="o">[]</span> <span class="n">keyBytes</span> <span class="o">=</span> <span class="n">secretKeyFactory</span><span class="o">.</span><span class="na">generateSecret</span><span class="o">(</span><span class="n">keySpec</span><span class="o">).</span><span class="na">getEncoded</span><span class="o">();</span>
-
-    <span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
-<span class="o">}</span>
-</pre></div></div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">See <a href="http://android-developers.blogspot.com/2013/02/using-cryptography-to-store-credentials.html" target="_blank">Using Cryptography to Store Credentials Safely</a></td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-This key is used to initialize the <span class="monospaced">Cipher</span> and encrypt some plain text into ciphertext:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">String</span> <span class="n">passphrase</span> <span class="o">=</span> <span class="c1">// user entered password</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">SecretKey</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-
-<span class="c1">//Pack the result in a cipher text blob</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol>
-</li>
-<li>
-We can use the same process to decrypt the ciphertext data:
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">The same salt and initialization vector are required for decrypting the data, so they must be saved somewhere. These values are NOT secret, so it is safe to persist them.</td>
-</tr></table>
-</div>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">iv</span> <span class="o">=</span> <span class="c1">// retrieve from encryption step</span>
-<span class="kd">final</span> <span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
-
-<span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AES/CBC/PKCS5Padding&quot;</span><span class="o">);</span>
-
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-For more details, see <a href="http://nelenkov.blogspot.com/2012/04/using-password-based-encryption-on.html" target="_blank">Using Password-based Encryption on Android</a>
-</li>
-</ul>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>Keystore and Keychain API</h2>
-<ul>
-<li>
-Since Donut/1.6, Android has had a system-wide <span class="monospaced">keystore</span> for storage of VPN and (later) WiFi authentication keys
-<ul>
-<li>
-See <a href="http://www.google.com/support/mobile/bin/answer.py?hl=en&amp;answer=168466" target="_blank">Working with secure certificates</a>
-</li>
-<li>
-Pre ICS/4.0, applications were not able to access it, so those needing to authenticate via client certificates ended up maintained their own key store (hard to manage across apps)
-</li>
-</ul>
-</li>
-<li>
-In ICS/4.0, Android adds support for <a href="http://developer.android.com/reference/android/security/KeyChain.html" target="_blank"><span class="monospaced">android.security.KeyChain</span></a>, which provides apps with
-<ul>
-<li>
-Access to private keys in the system key store and their corresponding certificate chains (subject to one-time user approval)
-</li>
-<li>
-Ability to initiate installation of credentials from X.509 certificates and PKCS#12 key stores (e.g. for installation of organization CA certs)
-</li>
-</ul>
-</li>
-<li>
-Also, in ICS/4.0, Android uses the screen lock password to protect the system credential storage, which works well with device administration APIs and prevents the user from disabling the password as long as they use the secured credentials
-</li>
-<li>
-See <a href="http://android-developers.blogspot.com/2012/03/unifying-key-store-access-in-ics.html" target="_blank">Unifying Key Store Access in ICS</a>
-</li>
-</ul>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>Encryption Using Hardware-Backed Private Keys</h2>
-<ul>
-<li>
-On Android 4.3+, the hardware-backed <em>AndroidKeyStore</em> stores device-specific private keys.
-<ul>
-<li>
-See <a href="https://developer.android.com/training/articles/keystore.html" target="_blank">Using Android Keystore Provider</a>
-</li>
-</ul>
-</li>
-<li>
-We can use these keys with the <a href="http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29" target="_blank">RSA</a> cipher algorithm
-</li>
-<li>
-RSA is an <em>asymmetric-key algorithm</em>, meaning it uses a separate "public" key to encrypt data and a "private" key to decrypt it.
-</li>
-<li>
-RSA private keys are stored inside a secure hardware element.
-<ul>
-<li>
-Typically a Trusted Execution Environment (TEE) on the SoC.
-</li>
-<li>
-<span class="monospaced">KeyChain.isBoundKeyAlgorithm()</span> will tell if other algorithms are also hardware-bound (and, therefore, non-exportable)
-</li>
-</ul>
-</li>
-<li>
-Advantage: This approach doesn&#8217;t require user input (password)
-</li>
-<li>
-Disadvantage: Key generation is slow. Technically key is retrievable (though it would require dismantling the SoC)
-</li>
-</ul>
-<p>Here is an example of using a non-exportable key to encrypt a chunk of data:</p>
-<ol>
-<li>
-<p>
-To encrypt data with a hardware-bound key, we first need to generate one for the application:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="c1">//Create key pair with self-signed certificate information</span>
-<span class="n">Calendar</span> <span class="n">cal</span> <span class="o">=</span> <span class="n">Calendar</span><span class="o">.</span><span class="na">getInstance</span><span class="o">();</span>
-<span class="n">Date</span> <span class="n">now</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
-<span class="n">cal</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="n">Calendar</span><span class="o">.</span><span class="na">YEAR</span><span class="o">,</span> <span class="mi">1</span><span class="o">);</span>
-<span class="n">Date</span> <span class="n">end</span> <span class="o">=</span> <span class="n">cal</span><span class="o">.</span><span class="na">getTime</span><span class="o">();</span>
-
-<span class="n">KeyPairGenerator</span> <span class="n">kpg</span> <span class="o">=</span> <span class="n">KeyPairGenerator</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA&quot;</span><span class="o">,</span> <span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
-<span class="n">kpg</span><span class="o">.</span><span class="na">initialize</span><span class="o">(</span><span class="k">new</span> <span class="n">KeyPairGeneratorSpec</span><span class="o">.</span><span class="na">Builder</span><span class="o">(</span><span class="n">context</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setAlias</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setStartDate</span><span class="o">(</span><span class="n">now</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setEndDate</span><span class="o">(</span><span class="n">end</span><span class="o">)</span>
-        <span class="o">.</span><span class="na">setSerialNumber</span><span class="o">(</span><span class="n">BigInteger</span><span class="o">.</span><span class="na">valueOf</span><span class="o">(</span><span class="mi">1</span><span class="o">))</span>
-        <span class="o">.</span><span class="na">setSubject</span><span class="o">(</span><span class="k">new</span> <span class="n">X500Principal</span><span class="o">(</span><span class="s">&quot;CN=&quot;</span> <span class="o">+</span> <span class="n">KEY_ALIAS</span><span class="o">))</span>
-        <span class="o">.</span><span class="na">build</span><span class="o">());</span>
-
-<span class="c1">//Calling this also binds the private key to hardware</span>
-<span class="c1">// You could obtain it here with getPrivate(), if needed</span>
-<span class="n">KeyPair</span> <span class="n">kp</span> <span class="o">=</span> <span class="n">kpg</span><span class="o">.</span><span class="na">generateKeyPair</span><span class="o">();</span>
-
-<span class="c1">//Use public key to encrypt data</span>
-<span class="n">PublicKey</span> <span class="n">publicKey</span> <span class="o">=</span> <span class="n">kp</span><span class="o">.</span><span class="na">getPublic</span><span class="o">();</span>
-</pre></div></div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">You only need to do this once, and persist the public key somewhere for re-use. Generating a hardware-bound key is expensive (many seconds).</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Now we can pass the public key to a <span class="monospaced">Cipher</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="c1">// some plain text</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">publicKey</span><span class="o">);</span>
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">plainText</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-To decrypt, we retrieve the private key from the keystore:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">KeyStore</span> <span class="n">ks</span> <span class="o">=</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;AndroidKeyStore&quot;</span><span class="o">);</span>
-<span class="n">ks</span><span class="o">.</span><span class="na">load</span><span class="o">(</span><span class="kc">null</span><span class="o">);</span>
-<span class="n">KeyStore</span><span class="o">.</span><span class="na">Entry</span> <span class="n">entry</span> <span class="o">=</span> <span class="n">ks</span><span class="o">.</span><span class="na">getEntry</span><span class="o">(</span><span class="n">KEY_ALIAS</span><span class="o">,</span> <span class="kc">null</span><span class="o">);</span>
-<span class="k">if</span> <span class="o">(!(</span><span class="n">entry</span> <span class="k">instanceof</span> <span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">))</span> <span class="o">{</span>
-    <span class="k">throw</span> <span class="k">new</span> <span class="n">KeyException</span><span class="o">(</span><span class="s">&quot;Not an instance of a PrivateKeyEntry&quot;</span><span class="o">);</span>
-<span class="o">}</span>
-
-<span class="n">PrivateKey</span> <span class="n">privateKey</span> <span class="o">=</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-The private key can then be passed to the decrypt <span class="monospaced">Cipher</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="c1">// encrypted ciphertext</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="s">&quot;RSA/ECB/PKCS1Padding&quot;</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">privateKey</span><span class="o">);</span>
-
-<span class="kt">byte</span><span class="o">[]</span> <span class="n">plainText</span> <span class="o">=</span> <span class="n">cipher</span><span class="o">.</span><span class="na">doFinal</span><span class="o">(</span><span class="n">encrypted</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Lab: Encrypting File Data</h2>
-<ul>
-<li>
-To begin, download and import the initial <em>SecureNote</em> application (if you are using our student VMs, you can skip this step and simply open the <span class="monospaced">SecureNote</span> project):
-<ul>
-<li>
-Option #1: Clone separately and import:
-<ol>
-<li>
-<p>
-Download the code <a href="https://github.com/thenewcircle/SecureNote" target="_blank">from GitHub</a>:
-</p>
-<ul>
-<li>
-As a ZIP archive: <a href="https://github.com/thenewcircle/SecureNote/archive/master.zip" target="_blank">https://github.com/thenewcircle/SecureNote/archive/master.zip</a>
-</li>
-<li>
-On the command line: <span class="monospaced">git clone https://github.com/thenewcircle/SecureNote.git</span>
-</li>
-</ul>
-</li>
-<li>
-<p>
-Open Android Studio
-</p>
-</li>
-<li>
-<p>
-Select <em>Import project</em>
-</p>
-</li>
-<li>
-<p>
-Choose the root directory of the cloned project
-</p>
-</li>
-</ol>
-</li>
-<li>
-Option #2: Import directly from GitHub:
-<ol>
-<li>
-<p>
-Open Android Studio
-</p>
-</li>
-<li>
-<p>
-Select <em>Check out project from Version Control</em> &#8594; <em>Git</em>
-</p>
-<ol>
-<li>
-<p>
-Enter "https://github.com/thenewcircle/SecureNote.git" as the URL
-</p>
-</li>
-<li>
-<p>
-Choose a destination directory on your machine (e.g. <span class="monospaced">~/StudioProjects</span>)
-</p>
-</li>
-<li>
-<p>
-Click <em>Clone</em>
-</p>
-</li>
-</ol>
-</li>
-<li>
-<p>
-After the clone is complete, select <em>Yes</em> to open the project
-</p>
-</li>
-<li>
-<p>
-Click <em>OK</em> to run the Import Wizard with the default options
-</p>
-</li>
-</ol>
-</li>
-</ul>
-</li>
-</ul>
-<p>After importing, you will need to click File&#8594;Sync Project with Gradle Files</p>
-<p>Once the project is imported and open, build and deploy it to a device/emulator. You should see a user interface that looks like this:</p>
-<div class="imageblock">
-<div class="content">
-<img alt="images/Lab-SecureNote.png"
-src="data:image/png;base64,
-iVBORw0KGgoAAAANSUhEUgAAAWgAAAKACAYAAACxGuKnAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAL
-EwAACxMBAJqcGAAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6
-eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg
-eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K
-ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlm
-Zj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRh
-dGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9y
-ZGY6UkRGPgo8L3g6eG1wbWV0YT4KTMInWQAAQABJREFUeAHsnQW8HsXVhyfuISQhQUKcBHfX4O5Q
-3KVIaZHiBVIoUOhHkVKkRUpxdynu7hogkARNQtw93z7n5lz2bt732t6FTfY/+b2yuzNnZp6d/c/Z
-s/PeNGrSpMncoCQCIiACIpA7Ak1z1yI1SAREIBcE5s6dG3jFU6NGjWzTP+PH0n6nrrrYnTNnTpUq
-KVuX8lUK53SjkTzonJ4ZNUsEfgUCiB5CGelCaN26tb2aNWtm+9g/derUMGXKlDB9+nRrHfnSJuqk
-jkUXXTSMGjXK6qpOaGlH06ZNQ5cuXULjxo0tP5/Tpk0LI0eOtH1p25SX8hLovJwJtUMEfkUCiCQi
-17Fjx7DIIouEmTNnhuHDh1cKcbxpSyyxRGjTpo0d++mnn+yzvt4r9bZs2dJeY8eOtWoQ69mzZ5f0
-hhFnjvsEEW8X35lUEOrqBD5ZJs/bEug8nx21TQQyJoDg8VpyySXNKx02bFiVGtddd92w+OKL2z6E
-74knnqhyvH379qFTp04BoZ40aZJ53lUyVLNBvc2bN7eJAa/8t7/9bXjyySfDkCFDbD8iHU9s4zXj
-PeNtDxgwoDIfoo33/OijjwbahCc+efLkWnnTtKOUoDN5kGo7+Xh+JrpSqabjpcpIoEtR0T4RKAAB
-BAOxQ4C//fZb6/EWW2wRdt9997DyyiuHrl27mhDilSJiCCReLq+vvvoqPPfcc+Ef//iHlWvVqpV5
-r6NHj661SGNvueWWC5999lm4+eabw1prrRWWXXZZE0S86hkzZlSeBfK2a9cuTJw40fb16dMnvPvu
-u7YPb5r8bK+xxhqVZTx/qTAM/eHVokULY8AE4SINFwS/Q4cO1hfCOhMmTKg8XlnBvC/khxH1kchL
-GRfqmo7PM1PyQwJdEot2isDCTQDRQJwQN4Rqr732CkcddVRYddVVTZhq03vCIHi7Dz30UDj55JOt
-CCGSMWPG1CjSCC5iPGjQoHD66aeHCy64IAwePDgss8wy5iWPHz8+zJo1q7IZHp8+99xzwzrrrGOi
-uvHGG9sn7Udc8eLfeOMNq/s///lPuOuuu0Lnzp0Dk4aLpRvEHp42gk85JioSdVKGbUI8npZeeunw
-448/Bri5kHOMfjDB0V5EmYRQI9gjRoyw7eqOl5o8rNC8N63iiNPQdxEoCAFCC7wIW9x0001hzz33
-DHjBJPcua0KBl9mvX7/wxz/+MWy++ebhxBNPDM8//7wJfDmPE3FDBCmHOBPWOOOMM6wq2kJCBJOp
-bdu2FrZYb731Al4+iXa6YPK52GKLhR122MGOvfnmm/bp5WwjekNQCckQAuFFwov/4osv7Bji7Pu3
-3nprs0lYhzsMBB1PGxv0gzoJubiQw5B99957rwk/kxX5yh2nvUwO1Yl06WCJNVtvIiACCyMBhI2H
-fIho3759A0KEOCOcCAwJj7O6F8KDHcSKtNpqq1lMmO9+q8/3eHJxpk4EcddddzXPGREluZfLJ7bj
-ydvlYQ+vN1mGcvQD754Ut0MZ96gRz7///e/h008/DRdffLH1g7AJ4kyoBYHnzuDGG28Mn3/+ebj6
-6quNF543D0nxqJdaaimLe++zzz7hyy+/DLfddlu44447LGSzyy672J0E3nu544gz3rX3Jd5f/y6B
-dhL6FIGCEEAox40bZwJDWOHxxx+3nnNbzzEXX3YicPGX7+OTfJ7whgcOHGibCH8ykRfh7Nmzp4Uy
-VlxxxXDllVfaqhEXUy8Tt5vc58f804/7J/v95fv4ROC7d+9uAozY4hH/4Q9/MO8Z0SW5TcIjiPQj
-jzwSLr30UjtG+AdvH1H94YcfAg9Tv//+ezt23nnn2USHmN96660WurnwwgvtGG+ljhPSITHheIzf
-diTeFOJIANGmCBSFALFiPMlDDjnEPGpu0UkIsosV2/497o2yD8+P23OE6sgjjySreZfEauO37eRF
-nPE4hw4davmID7NyBOF0L9jte32WsQHf3FPFY3/nnXfCK6+8YrFzr5fJiruJ3r17mwfNw1ISoSDE
-fP311w/XXnttOOWUU0LPaKI55phjwn777RfwvJ955plKBsTRyUuMHL7lju+2227hvvvuMy6Ifql+
-y4NuwAEgUyKwoBBADPyhFuGN3/zmNyZa7EewXLToj2/7MT4RVkQYG3iIL730knmRiLM/cHMWiDPx
-Vvc433vvPfNc4+LsebP6ZBKgflZmHHDAASaeLMljP/0hsWqFUMXhhx8ejj/+eHtg6vv5/O677/gI
-hx12WDj66KMtFt6jRw/bh8B68nzEtom1k0od92Pxycxt+Kc8aCehTxEoGAGEAS8aTxahXXPNNS3e
-inC4d+zi5WhcnBE2QhPEcfEqfUUG4hwXd+zwwxf3kvE0WSmCOCdtex1ZfdJfD+0g1oQ84omJ6uuv
-v7YXYQceCLJihHgyIZEzzzzTsl9//fW22uTpp58OW265ZdyEfadvJJb+sVImmZwPx0nVcZAHnaSn
-bREoEAEEFe+Oh14k1j/jASJmHhJwD5rjca/38ssvD3/6058qV2RQxsWHvHxHhFg1wZKz+++/P2y2
-2Wa2H1GqTpgon3XyB45ejwvrCiusYOLMflZk0C9facIDTh4qHnHEEVbMJx630dCfEuiGJip7IrAA
-EUBEEWk8RMSHddEDo4d9rA9GmNzTRUzJ66Lqa5979eplD8zKCRXCj1d63XXXmSfqaNyeb/9Sn9Tr
-Qux98brZzwqNTz75xHYR7iBu/uc//znccsstNnkRp+YOgxgzyZcG2sa8N2fBseQkQBav13+uHp/U
-4nb4rhBHkoi2RaBgBFykEZ/+/fsHbuFZ33vOOefYLbqLNPkQH+LNO++8s3nG/KoQoUHM4wnvG1ss
-UbvkkkvsQSTHsYWN6kQpbifr7/F24O3DgPT2228HJh/WdvtKjg8//NAe+rFEkBfJ8yPsnggZkchD
-eIdU6jgTAMknDNtIvEmgE0C0KQJFJIBQIbIIKsLKMjGWn/ELQQSVB3142h999JE9YIMR+ZM/7cY7
-JK//hPuEE04Ixx57rNlwcaase5Hx774vLpocL5c8v3+Wy1duP+Xom08ufCfxYxt+Mo4g94xWa/BD
-HvIQtz711FNtrfPyyy9vKzs4xkTGj2eYiGC04YYb2sNGfgpP4teWyeOI9z333GMPLZnkyvVBAm0I
-9SYCIgABRIq/s8FSM5aT8SCNn4EjPKz95cclJEIXhEXYHxdUxBlR4+9r7LvvvuHss882L5wHioic
-x7XNSPSGMLGPet2Of3oePn1f/DPpeXLM7Xi+uA3/7sdoE39QiYeBJEST+DMhDEIThHxYr02fWGrH
-Wm8Emv1MQO4Vs4oFkf79739vdhDks846y77zBoO//OUvVY6Tn8SDSR5c+iRhO2NvEugYDH0VgaIT
-cMHkF3X86m7vvfe2TwTppJNOMvFmXS8inhRnhI/QCGudDzroIPtDSv6rQn4WXi655+qrGsiX9Cg9
-j9spJ2iUpV28SKXs4PWTWAfNkjv/aTd1MAkdfPDBgbXSlEXE6Rf2/Ac4TFjdunULL7zwgok0P1Dh
-xfI88hIiIvFwFBvEr3klj8MquWbcCsbeJNAxGPoqAiJQ4UUjRv4LO27Pe0XxWDxDHpqVEme4IXAu
-iPxtDpbwIXguruRx75Xvnpd9iDPhExKimPSO/WEbgsafFSXu7eWt0Lw39uGRUzcJW8nEcYQeO6ws
-IVE/efmTqfzJ03KJCYf+82IJHe3h59r8vQ0ehHryfWz791LHq5toKKu/ZgcFJREQgfkIIGQ85GI1
-AoLoQlOdqFAGEfM/Czqf0Rp2IJSIcSnxRbTjf9aznCkEH4GmLaXsUI489INf+tE3/hqdTyTs4xh5
-KO+fCDjeN380iXa6J0678LjZT8JW/G9R13TcCpV5k0CXAaPdIiACFX/9DVFEkBC96sTZeSFIiBq3
-+C56CF0psSQfLxLCjLCXy4ct4sG1TYQlaEspe27Dj8fzsK9cog3eZu+b52VCIJVjVNNxtxP/lEDH
-aei7CIhASQKIUlzESmaK7UQcye/iGztU8it5EUYXsVKZsEVYgVc5u14nv4yszlYp+3ncF/WnUcX0
-lcfWqU0iIAILJAGEsj6pnPDWx9bCUKapPxVdGDqjPoiACIjAwkSgqa/li3cqPvv5jMY+/07eeJ54
-WX0XAREQARFoGAJNk4HupNm4EMe/J/NpWwREQAREoGEJ6I8lNSxPWRMBERCBBiMggW4wlDIkAiIg
-Ag1LQALdsDxlTQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk
-0A3LU9ZEQAREoMEISKAbDKUMiYAIiEDDEpBANyxPWRMBERCBBiMggW4wlDIkAiIgAg1LQALdsDxl
-TQREQAQajIAEusFQypAIiIAINCwBCXTD8pQ1ERABEWgwAhLoBkMpQyIgAiLQsAQk0A3LU9ZEQAQK
-QoC/jx//G/lZdFsCnQVV2RQBEVioCSDMrVq1sleWIt2gAu0N5Q/78x8B6A/8L9RjVJ0TgUISQOfa
-tWsXPv/8c3vx3bWvoYE0bQiDNA5BpqGkmTNn2v/Qy/93yP/uO2XKFPsv1RdmwYYBfWVWhQUM6He8
-z+Rp3ry55eF/MJ48eXKN/y18ufPjAyJuv1xe7RcBEWgYAlx3/K/iH330UVh33XXN6Ouvvx769+8f
-pk+fXuV6b4gaUws0QoPoIMYffvhhyTbx/x527NgxTJo0ycSrZKYFeCcnjf4PGzbMJiLvynLLLWci
-jWB7ni+++MIPh8UXXzy0adPG/nv42gqt22nbtq3ZgSmTQW3LV1auLyIgAnUmwHX38ccfh7/97W/h
-sMMOs/LXX399OPnkk8OKK65oGteQ12KqEAdigTjjCX766afhT3/6U3j66afDJ598Yq7/G2+8Ea69
-9loTD/bROQQ9mbDDq6ZU23w12UkeL2e33P54efLgNX/55ZfhoIMOCs8880x4+eWXw8CBA8Nnn30W
-FllkEeuz5znjjDPCK6+8Ep544omw2mqrha+++spm5KTNUnWzj4ngm2++Ce+99569hg4davs4lkyl
-bCTzaFsERKB2BNA6whobbbRROPTQQ8Oiiy5qL76zD+cL77ohUyoPmlv6GTNmhB9++MGEefPNN5+v
-bWuvvXbYYostAsJ05513hhVWWMEEnVmGF53GDsLNLcLs2bPn8wZdmMhLIg954wkbeKoc4+WJfRzD
-Bp4mie0mTZpUbrds2dLKTJs2zeomL3moj/KzZs2yfrI/mdjnJ2WZZZYJm222mWVZdtllTYTffvvt
-wH7Ps9JKK4X111/f2nPXXXdZXurx/sTr9X76pEY7Bw0aFPbdd9+w1157WVtheuuttwbqi7ef/lFn
-Te1P9kfbIiAC+SFQb4FGmPCI33///XDbbbcFF2c8u2effdYEDTFCsHr37h3OOussE2iECPFAlPjk
-dsETQta6deswceLESqFEYNq3bx/GjBljXqrnxTaTA6JEnlGjRlm5zp07mw1Ejf3EgX/66ScLJTDj
-sW/06NFmr0+fPtYGvHsS24gisfSpU6faXYHXx+0LQs1+bMSTCzcTgE8OnTp1Cn/5y19sckIoPQ9t
-JmHH8/ox+ul3I26fCY0EExd5eO600062/5133rFPeMICW3VtvxnQmwiIQLUEuHaJNb/00kvhhhtu
-CIcffrjp1I033mj7sghx1FugudVGNEh4yaTBgweH1Vdf3b77G94dHh9C8+c//zmcc845YZ111gmE
-P0hbbbVVWHrppS12gzdIoqPYdm/ygw8+MJHeb7/9TNi5rX/uuedMiJZaaikTO/dSKYeYUxYBXGyx
-xULfvn3NWx45cqR56gjxKqusEvBuyX/IIYfY54svvhi6du1qDwBoB14qk9C3334bnnzySbNJPYh+
-XKQ95sQn+317k002sYnpvPPOCxtssAEmK48lyxOL9hi+1zt8+PDw6KOPWjn4uSfNxObizncS9jiO
-yPMAg+R2amq/ZdabCIhAjQR45tOvXz+LOf/3v/+1/Fxv7OOYX/s1GqplhnoLNA3BY8NbQwxJeIUk
-Zpkll1zSYqUPPfRQ6NWrV+D23G/jEWfCHog1QokNjg0cONBmJgLweMjsI4575ZVXhh133NFsIkjj
-x48PeI6nnHJKePfddwMP466++mqr9/HHHw977rmnTRpvvvmm2WMbkTr44IMD++6++24LCSC6Xbp0
-CRtuuKF5y4ggIk4sff/997d245lOmDDB7hROO+208Nprr1l99LXcyUAoaTtxZ+JTCLRPZqXK4Bkz
-WeBx09aePXvaRMQJp/+XX365hTGYzO6///7ApIQdXieddFI44ogjwqmnnhp8wBBOOuCAA+zOpT7t
-t5OoNxEQgWoJ+J1vtZlSHqy3QHM7z238999/H7777rvQo0cPE0gEGYHDwyX9+OOPFtrgO0KEUONN
-8uSze/fu5gny0AtbxFERacTsmmuuoUjg9gFhJY0bN85CAAgUIRWOIfBMFL4ighAHCQ+fxOoRvGBW
-kvhEwnf27bzzzhbiIB9iSrrgggtM+JkIEGYEu1u3bmHjjTcO//73v837x4NG+Ah5JBOiiXdLmGfA
-gAGhZyS23BngzZZLiDMifNxxx5noIswjRowwIV5rrbXCZZddZuEcQjHUCXvqJ/m2e9IXXnhh+OMf
-/2h9rU/7y7VR+0VABILpBmHZiy++2BwjmFx33XX5W8XB7OEChbggxIgGni4rORBoxA4PlbTGGmtY
-6AIxPf30002cEVy8aMQdL5BlasSg8TpJe++9d9htt93sO143godY4i3jpa688srhn//8ZxgyZEhl
-W/xBoM9u3kbiR77PPXm2n3rqqXD++eebneWXX95WYiB2nATqJvxC/yiDh33RRRdZOxF4DzlYA6M3
-7PFiIsDTfuGFF+zQdtttF4488kj7Hg9tuKhus802FgZC3BHh3Xff3fgQtydcw6TD3QIrZZjEGBye
-LrnkEsvLyhAmK1aSUD/txw7tR+Br0363qU8REIH5CaBvvoqDJXYdOnSwF3rFXXgWqzgaz9+M2u1B
-THigRbyYkAGNfPXVVy3MQdwXMUWIEY5//OMfFpJANIjLsryMRHwVcSTdfvvt4YEHHrDvxHlJhEGI
-qeKxIjLEohGoY445JrA4nPp58EeiPfFP26hmP8d5wEnYAI8foUNECc0g5oQlWDJHOv744yvjw0w0
-JIQ/Lra2M/ZGu7fffnvzwBFzvGOSTxIu5OxDSBFh6mXyIfTCIngmOEI2JMI4hF1I3lds+CTB4CCW
-zt2Bt5+JknTCCSfUuf1WUG8iIAK1IsA16dd2rQrUMlO9QxzYR6AQSW7D33rrLQtd8GQTj5AYMg/n
-ELzf/e53Jhx77LGHedLEnEmUw9MkHIHn62KLoOF1uvfNqgvEndULeJ3EuI8++mgLX3CMGLcLlRku
-8xYXNrLQdtKWW25pnjR2SNjCYyW+Sx8RYzxRkodQuBOgLeXqJZRDuueee2xCYSIjxkz83JOfUEI9
-JFaicKfAHYV7/sTYuZPgISL9Jrnnnfxen/b7w0YzrDcREIGyBHB8alrF4ZpS1kgdD9RboBEXhJUV
-FYQYSKyOIB7Di4TIIaQ9ozgsoQ9eiKQLDE8+kwnBQ6yJCXuclW2EmHKU58XSOV/1QL2ekiLs++Of
-nsc9YGK1JI9DU697yl7OhcwFGQH1mLbncbtsu8Aee+yxFrfG3oEHHmgPAzlOXhdoj5cThiD27AzI
-58vx6DsiTfJycRvsT9t+bCiJgAiUJxBfxXHTTTfZdZzLVRzEiomJcvvMigFEhQd7CAyeMcJCrBSx
-Y3kdn4QsCE24wNxyyy3mufKADxFGMPFMEZp77703HDzv4SDeKGETbOJ9M0sRv/aHjC60YHUBdbHy
-bY55vXyPJxda6iYh2H/9618ttOKTBALNCxHlISXJRds2qnm74oorwlVXXWVeOHcHJMTVBd1nXdpM
-P8eOHWsPI8jHQ07aQNvj3jfH2Bfve1btpy4lERCB+QmU05T5c9ZvT708aBrlooZAeEyZVRF4z76C
-gyZ5Pv9OrJkHe4QzeODnS8O8+XjZDz/8sG3y0JCEaPGDF+LQnlizTNjgkUceMc/UQTFxkAi5kPzH
-HXx3QeR7PHlZ1nGT+Hk2DwB4IBhPO+ywg9VHjBwP2ct5nuQ2+1n9QR8J++yzzz6VYZx4Xn4mTiKk
-s8suu4Szzz7bJiP2+fppxJlwB4myvGDPjO4p3n76UNf2ux19ioAIlCaAg0W4laXAhHNJWa7iqJdA
-I3R4fcRjeLjGD0gQaTzkBx980B6uIRwcR5QQEh70+Y9T+ESweGDIQzBEm7TtttvaAzPWKvNUlB+5
-8AAND5sHg4giIRUehvHbdxJxWxIeNYmVGDxcQ8wQVISdFBdE96r9k7YRK+dh5q677hp6RiGZo446
-ykIKPOTkxyv0kTAFebhrYAWJh0bcNp/YpL++D9vElPmxDg/+iBNzjBd3DSROsNfL02FiXazzZk30
-gOhhK4ltn7hgT3nOAxMATLhzYdCw8oT6CC0xmGg/ws8DxlLtLzdpWaV6EwERqCTAnayv4mBRBE4c
-ie8sL0bXuL65fhsq1UugqZzbe7/950cSl156qS1D4yfIvFyoyEuDEVs8SeLOzDwIOYKBUG+99dYm
-OAgbCbEh8QARb5vVIHitiCP1egwb7/nEE0+0vPfdd589mMQzJ78nv+33kAf7/QGee9fYZB02sSS8
-TlZw8DCQlRcInd8FIMjEwkku7nx3kSOW7G3zuDKTCt4siRUaTB7Yow3eX0JFTHTUy0TBJ+W8Xo4T
-z+dOgn7873//s0mCUAt3HDA888wz7eemiPTAgQPr1H5rnN5EQATqTQANcKes3kZKFGwSCdrAEvtr
-3EWDEF5EgpmDGCueJqKCeBEv5kEeokcMlqVseNQIGD9uQayYbRBJBBKPm6Vi/PU7HqxxjJUTrILA
-O0Z4ETQElx+23HHHHRbawFv0fHiMCC3tQkzxzhEzRO/rr782D5T12gga7eTvhvDLPMSY+rHz2GOP
-2U/WmR3J4w8oCZkg/PxYhfXQeLEuzPSJvhJyIS6OiBOCwXvFNm3BNssI8fAJwxC+oW388SMmKiYs
-uNBP6qUP/NSbpXLM0PyikL4yKSLYJI/B82MaliyyhppzQcgk3n7WUnNXUq79NZ5sZRABETCdYhkr
-PyzDWWLpK8+k+Lsc6ALXtjuEDYWrUSSE8/+JtjpYR4xZXcCtPLfanugIYugJ8ULUEGMECgH3GDO3
-4IiMJ+8oeeN/W4LjCJ6HNfDGqR8RxSYiRkIM+Wl3MiFweLYeq+U4njnlEVtsJetD3PlrfZ7oB790
-dO+X/cyc2GXi4ISRsOd/A4Tv5GEy4hbJk//6kfrxspnMPHEMgSYx8fGwEMbYwvtG2En0CY5MTuTD
-wyZG5qk27fe8+hQBEaieQPw6JmTJ9cidPs4n1z7bDZlSCzSNodF4faywQGxYhYAHiGggPO4he8Nd
-0DiOUONxInB4vwifx3bdNvnwUskHBEQasUMose1QqJ96yed1s+12fHajLPZoK8e9PPl8wiEPnjt1
-YJd+kNdF0ozG3ugTNilHIi9hirhtvnuohfy0h08Sn0x0cMDjpR68afrBxBZvJ3nZj30mKyYVbNN2
-jjFZ1bX91gi9iYAI1EiAawxN8L+CyR01OhG/1ms0UssMDSLQXhcCgUgh1i4YiAgdKtV48pOXF3nI
-i+DGvVNse3nECzvk41Uqn9ePbfeMyYcNXiRs8IrvswPz3jwf9VHWbXnZeN7kd28TZcqlZHs8n9dL
-GIP2wYJ+8j2ZyBvvK/k8uZ36tN9t6FMERKA8Aa4xd7ZwMktdo+VL1/5Igwp07atVThEQARFYsAm4
-I5SVOEOn3qs4Fmy0ar0IiIAIpCOQpTB7yyrWtfmWPkVABERABHJDQAKdm1OhhoiACIhAVQIS6Ko8
-tCUCIiACuSEggc7NqVBDREAERKAqAQl0VR7aEgEREIHcEJBA5+ZUqCEiIAIiUJWABLoqD22JgAiI
-QG4ISKBzcyrUEBEQARGoSkACXZWHtkRABEQgNwQk0Lk5FWqICIiACFQlIIGuykNbIiACIpAbAhLo
-3JwKNUQEREAEqhKQQFfloS0REAERyA0BCXRuToUaIgIiIAJVCUigq/LQlgiIgAjkhkBT/y+a/I9P
-+2duWqiGiIAIiEBBCPjfmPbPpv7F+8+2RNpp6FMEREAEfhkCcS3275UCHRdm/z/z6tssCXx9yamc
-CIjAgkbAxbQ+7fayrpm+jS2+N/X/5DRp3Ask9/t2dcfjlXh+fYqACIhA0QjUpIXljvt+E+hSYkuG
-Uvt9nxsoGnD1VwREQATqSqCUXpbah934fvtPY+M7aqqYvC7SpfL6sZrylSqrfQ1HwM8DFutyfhuu
-BbIkAsUg4FpX3XVW7li5/ZDjWGUMmh3xi9oz8OnJj9dk1PNXl8/z6LPhCHB+CFk1adLEXvBn35w5
-c8KsWbPsU+ekPG/n17RpxX92Xxtm5IXp7Nmz7SW+5fkuzEdqe95rypc8XjES55FLHnRBdrDJ475f
-n/kg0Lx58zBz5szwww8/hBEjRlQ2arHFFguLL754aNmyZZgxY0blfn2pSoDJDT7w43vXrl1tomOC
-KzX2uT5GjhwZpk6dGjp37hxatWo1n5NTtYbabXldyeuvdqWVa0Ej4Oe7VLsbrbrqqtE4mFvqWMl9
-5K3OYMlC2pkZAT8feHJDhgwJHTp0CGuttVZYYoklTDCmT58efvzxx/Dee++FYcOGheWWW848PS+X
-WcMWIMPOgskNoe3evbvdbQwaNMgEG7Yu0p6X7WbNmoU+ffrYxIeo8+J3BZ63PgjcPtcY3327PrZU
-Jl8E6nouGQP1ikHnq9vFbg0nkZAGYrLPPvuEAQMGhCWXXNJEAy+QQTFt2jTzqF9++eVw8803m6gg
-InUdMAszae4+YLjllluGnXbayTzoN954I5x22mlh7bXXDkx07pjAG6aI+b777hs6deoUnn766XDu
-uefOl7euzKhjwoQJ5pUz2XLXk0bw61q/8mdHwMdPXWqoEuKoS0HlzQcBvLgvv/wyHHXUUWGHHXYI
-rVu3DmPHjg3ffPNNmDJlil3g3Kr37NnThJvvF110UVh22WUtLl2qFz6QEPDapvqUqa3tZL6a6qrp
-eCl7lCG8gbeMWJO4EznkkEPCgw8+GPr27Vsp0uSFDRMgefGaKUfyum0j9hbfX4orx4ljk0488UQ7
-V6+++mq46aabQo8ePcqeK/K77VJ2Oa604BKQQC+45848Z8R4/fXXD5tvvrmFNL744gvzkt98803z
-8hDwlVZaKey3334hCmeFDTfcMAwePDg8/vjjduFzW++JvCT2cdHHtz1P8tPzIC54ev6Akgds7HPx
-oJzn5VgpMUHkXKiwRWKb/eR3+5T3Y3E7br8u7TdD8978joNN6sB73XbbbcMrr7xi4kzfvF3k8Tax
-L94Ojnmi7djFHvn4Tjv57u0kL/u9/qWWWsrODedy0qRJNgl4n90un2n7G7el7/kkoD+WlM/zUmOr
-EAQufsR2jTXWsNjzxIkTzdt78sknzUNeccUVw/LLLx++/fbb8Le//S0MHz48tGvXLmy00UZh/Pjx
-laKCMCA+X331VXjrrbfs2Lhx4+w79jmGUMZFyIWTuCtleChJ/XjzTA6EBBAQypAXQfrwww8tL+EB
-9iXT119/bcexw3FePIDDPvFzPFy+jx492uryyaU+7U/WzXayf4hit27dzIv+4IMPKvvjZb2NpfpC
-HvpPW+Hx/fffh8mTJ4fvvvvOtplY8b6dD7zeeeed8O6771o/6Rt95zV06NDKtpG/ofrr/dBnfgnI
-g87vual1y9q2bWsXLRczQoBg471ykfNCZF577TUTOUIcrDYgxIHgISLk4QHj3nvvHVZfffXQsWNH
-q3vMmDHh/fffD3fffbc9OEMY3AtElD755JOwyy67hHXWWSd06dLFJgzCKgj9E088YQ8niYcTU+X4
-BRdcYF7pCy+8YEJLPdhDCBGrk046yeK5iPDzzz9vAk389w9/+IOFbR544AGL8/br18/afuedd9oE
-RVgHb5MYfE3tj4twEjB9cgGkHz/99FPo1atXWHPNNc32M888Y56thyKS5ePbTJ7w4c7m6KOPtpAF
-fUSIEekXX3wxvPTSS2GFFVawejhnv/3tb81E+/btjQnn6IorrjCRvv/++82bJpzC+WIyK9ffu+66
-y9rJ+aquv/H26ns+CUig83le6tQqPE5EA6FGoP75z3/aJ7foXKCIwsorrxweeughEwU8WC5eEuLI
-Ng+4ECIEwD1cxAkvnPjr5ZdfbiJLOV54dWeccUbYYIMNzCtH7LFFeVaKrLLKKuHWW281kaIeb1ub
-Nm3My2ZCYPkf7XPRp41MJggjnjmCtvTSS1sseNSoUfa9f//+Vj/1IfBMIuQ777zzLB/fq2s/balO
-tPwYfeROZOedd7Z6ie+//vrrJo6Ib3V2mPSYMH73u9+ZQNNORJU2w4c+EG5iBQjxbfazDBKRJpGX
-F6GO3r17mxf+2GOP2URH++hfQ/XXKtRbbgk0iQbGwNy2Tg0rS8BvqwlZcOvMBb/IIovYRc3F/tln
-n5n3yzHEES8TTxbvlvAGQoaQcEt96qmnWmyaCx/PDiF/++23TchYrsdDKsQeTxpRwas+8sgjLT6L
-WGHj4YcfDqwSwYNnVQNCi8Bw2064BM+dh24I38cff2zhDrxqBIfJBTvE0t0bxotmH0KPSBFmwS4h
-F+qjH4RTCD2cfPLJNlFwBxFvP8Lv7UcY77nnHrsTYCJxfg4Y+yxHXHfddW2CoV3/+9//jBUTzqKL
-LmoT0R133GE8qAve6623nrWZ9jwfef1MaqwG2WuvvcJuu+0WmJDYhg93Dni+nDPaRV4mV/rDOSKM
-Q39gxwoOlkZyLihPmCp5vqrrr58vlgyW6q/3W5/5JiCBzvf5qbZ1iAiC9umnn9rFi5DhrRECIDSA
-R4wwEh9GcPFY2eZCR/zwUrfffvuw4447mmDx4BBPGrsIwu23327Cj0AjIJ9//rkJCiLN8jIECgE+
-9thjLT/C/+ijj5rgEvtGhBDfRx55xEIqhEKYGGgvAsxxRJQ8tGnjjTcO3N4jwoRkEM3VVlvNyiLs
-7DvmmGPCs88+G1gCR7/wcGtqPyKFKFIvYkXf6WM8uUDTRtpOPvLfeOONJsK0FX7cjcAB7rySAg1f
-RJnVH+QnL6symLwoi+jjXfPgFpsIP33Bi2apHvFqhJ39iPVll11m4R3q4hnCdtttV2N//XxV1994
-3/U9vwT0kDC/56ZWLeNWGE/stttuMzHBc0ZcEKUB0Zro/fffP5x55pnh/PPPN68MbwyxI+HtIuKI
-L4LM8jtCCggJgklCNPDCEX5CEJTHE8abxSN/7rnnrAzxUrw+vGA8bTxK2kY5UlIQbWfsLenR+iHK
-IZ7EhLnN7xktFySsgnDzAK6m9j/11FNWlnYgioRKsFdTireX2Dfl6B+hDsQUxs7RbcEMEYUBQk2b
-8arhx+oZyvP50UcfWagJzsTo6Q+TG+EpwhweC8ce7SYPdRG75nh154v+xs9XbfvrfdBnvggoBp2v
-81Gv1iAWeM3cQuMF41EipnhS/ss4bpuJJ+PN8sAJb5vjeHEkbrV333138zTxaBEExADPjVtpPFtC
-EiQEA08YMUKIERFEgURbCLcwYSCohE2oB5vJFBfB5LHkNp42dfJC2LCHWNel/X43wSRUU0IkqYN4
-MVx5mMcPWLh7OOywwywGTL/iCc+c1RnsJ8TAHQoT5jLLLGN86AOiTciEB4iIMueHfhCvdw8dmy7S
-xNhhymRHvrr0l/PFT9Fr0994P/Q9PwQk0Pk5F/VuiXu7XIhcyDzc4heDeIyIJV4mooBA7bHHHiYM
-xGq54BESPEKEiFt7RDPpzbKNMBImIFGGfQglgpT0kjmGsPBjGcIgCFdNqSaxxiZ5fPJA+BG3urSf
-tiCS2KpNIh+CCsdrrrnGGCLUhDW23npr4xi3BUdCE4Q4vCwerHPzvPCADxMfE6Hnp02eJ94+9nFe
-6S8rcGp7vugvvErZjNvX9/wSqPnKyW/bC98yLjwuQOLACA9eNGJAeAMvDgElRIFYH3TQQbaMDjHd
-YostAkux8AaxgUggJHjR3P4nxZJtRIWQQjyxnxc24mVoC7fhiBXf+bFFqVQf4fAy1Edb69J++ojI
-way2yQWdkM59991nkxw29txzz3DllVdW6bezcNts4/2WSt4Pjnkf+B7nyLanX6q/Xp8+80FAAp2P
-81DnViCqeGDcxhJfxrPiwRsPnAhHuKdJaKNn5Cnzk2E8aR4eIjaELxBcBATx5YESy+YIfXDrjX3E
-CRFEbLHnnjLeKwnPPV4X+xAS7HF7T8zUV2BwLJlcjFx8ksfLbXt+wip4lrVpP30hXMNdRjnRLFUf
-4kkd3H0QHmJVCQ/qCFsQ8sCbdbH1JYqcF9rINnFn6oYnibzUTzgD759j5Iev20m2A1v08Zfob7Ju
-bf+6BCTQvy7/etfOxczFzcXLAzOEmoucWCYPovCeOc6Li5vkwkpZxMqXwHEMjxsbCAefiIh70ywN
-Q2AIc5CIayJaiA/eOsvdEH3Eijw8fCSejUfPigw8TdZS0xbs8OK2nnbRFiaXcl62VZh4o8/Uwy8T
-mUxINbWfvtBeytY10Ub6xkO8q666yvpFSIhQB31xcaV/cGVyIj93EOTjByk9o0kSIUaU4cWDQUIQ
-nBMe0LI0Mt42vlMvkyNtp7+s6mDJIon+MmmUO19p+ltXPsqfHQGt4siObaaWEQW8V2LJ/OgDwUQQ
-iTGzpIslaMSHuaARCOKoiAQXPaEMRBTB4iEWYoKnfcABB5gHTjlirwgHy75Y2sbf8sAWsWzW5/Id
-gdlkk01McPDGmRT4MQeisemmm5qA8Z22UScChXDwkJE6/MVEgfgRnkHkaGNNyfPUtv0sC6QNXq46
-+6Xy0C7ajmCyNpmJgfbiJbuY0n/WfrOkER4cHxCtpEGwicfDmSV25GOlB2LNj3JghkBzTklujzqZ
-uGDNPiYDVtH4+WKFDndMpc5XXfpbHQsd+3UJaB30r8s/Ve1csFzkLpx4VHhs3H7jySGgPPUn5swF
-63Fp1uLy4wi8WsSE23ZEk9t/X3GA8CD4/JW8zTbbzOz4j1f4oQm2KI+wkI/bb7w8hOfAAw+0yQCB
-/+9//2ueJCKMmNMeJhaEDKGi3l133dVWntBmRIkJB9FCEGkbkwKeJuug6St9RswQfyaL2rafPns7
-Ebx4oi4mNZYQUh+TCm0mTOMTB3XiFbOUjfg9L+40OA+0mSWH7EM06R8s4cMdDn2lDmwfd9xx9kCW
-fax0eT5aigcH2kR9W221lYWTYEGdxLyZMDmfDdXfeN/1Pb8EFOLI77mpsWWICKEFhIcHgXjPeMLE
-SBFVxANvEEFDHPD68Lj5GxY9I28aAUBUiU8feuihJrisTiBEgm3KIZqsOGBlCJ4gYoEw33DDDSZW
-xLL5exP8Ao8y5EfcEbt7773XQhzUhfjzwJKQCMLKD0y22WYbEzfK8AAPb5FJhtAH4kXiO/Z4IYQu
-rLSdY3VtP7zcU00Cpv1eH/XAjHo8wRLvFcHlByxMhv6g1VfSwJwljtdff73xIZTBj1+4g6FPMPWQ
-DoLOckRWz3CMvuB58+MWYve8+PskTCr8TQ4mJ1jV5XxV11/vlz7zS0AedH7PTY0tQzDcq+Mhn/8i
-zQUIccHzJGaM14tgurCQhxcXPMf5k5qIEzYRQhKCznpdBB0h6RkJLWU4jpjwB5EQMsQJMSNxu42X
-x4RBexBkxAcvlNtzhJv4M4n2Icq0nfwIF/uoE0+StiHYeI6UYyKiP9RHveSta/spUyrRb154+NRH
-6IGftPNjHCYHnxi8v4glbSFMxHf6Rrydbergkx+4IPq0F2bYJ8yCAPM3OK699lr7lWT8fOFxUy93
-GfDgGJMXoSaEmv2wqO35KtffUgy0L38E7L+8yl+z1KK6EEA0EEyEECFGEPDuEEUEgguav/PQMxJY
-jwm7fRcc8vEQCoFCVBFc9+Z6Rb9UxHMmD4kyLsjEVPnO7TxChpggQNSPmOBxIkxeDzYJfeBlIq4I
-OoLs4QLaScjERRwR5KEafcEL98kjTfu9bPKTdlIfP77B0yWMw6RF2+OJbfYzuZCX/pOX+LQLIrbY
-T38QcNZP0ycEmoebhDQIgzhTt085bCD2cECkmSxoD3VyjPNbl/PltvW54BGQQC9456xki100/SJG
-GLmI3dvloubi5hY8meJlOY7QkxfR58XxUuUQE6+PMnh75Eeo+U4Z8sQT+Unk5zjtcg+VeshPWb6T
-2Ebo2GZ/qcQx8mC7Lu0vZcvr41ipPnsZr9MnDHjxSib6R95kf8mXFGcvSxvoC5MFbYBPPHndDdHf
-uF19zx8BCXT+zkmDtIiLnBeJC5pXbVJ9y7lQ1bauuuavTdvJU9/219Z+ffPVp7+1KZPX/taXk8pV
-JaCHhFV5LDRbtRXKZIfrW66U95i0Hd+ua/542eq+17f91dlsiGP16W9tyuS1vw3BTDai/wpNEERA
-BERABPJJQAKdz/OiVomACIiAPGiNAREQARHIKwF50Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
-oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
-rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
-CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
-BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
-0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
-4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
-BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlI
-oAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQg
-rwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qX
-CIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/
-BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk
-0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA
-4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARA
-BEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9M2qXCIhA4QlIoAs/BARABEQgrwQk0Hk9
-M2qXCIhA4QnML9CNCs9EAERABEQgFwTmE+hGTZqGRk2a5KJxaoQIiIAIFJnAzwLdqFGYO2dOmPT2
-22HasO9CaPzzoSIDUt9FQARE4NciYCrcKBLj2VOmhhadFg1b33lzWOusk8P0Yd/Lk/61zorqFQER
-EIGIQIWbHAn0nOnTQ9OWrULXfsuETj17hJmjRwSEW0kEREAERODXITBPgeeGRo0ah7lz54RZ02eE
-WTNmBJ4Vzo3+KYmACIiACPw6BGIuMmIcyXLjRpFYR/Fo2tNA+oy9eGI7uS9+XN9FQAREQARCaFoV
-QuRJRzsQz6bRvybRao65c0ur9JzogWK5Y3Gb5CFvXJRnz55dZTueX99FQAREQAQqCFQKdIX/3CjM
-jgR1eiSgw8Os0HnC+DB3xkwTU4TWBZnPNm3ahGbNmlXuKwc0Lsyep7Fi247iV/nknHAOajvJ/iqN
-VKUiIAI/e9BR0CHMimLQbZs2C01btwnrbbhRaNFlsRBdxYbJxZkNLu5Ro0aFcePGhaZNm5YUabzv
-sWPHhrXWWiuss8464d133w1PPvlk6Nu3b9hhhx2s7F133RU6duxoQqFz8csR4A5mwoQJoWXLlqF5
-8+Ylz98v1xrVJAIiUI5ApQfdJBLdSbNmhh5t24UO3VuFjrvvHpq2amlroxFn94T5jii/8cYb4dFH
-Hw3dunULHrKgErwyEvmnRytDWrWKbEUi3Lp1axP1/v37h0UXXdREYerUqZY3+UZZUrxett023709
-yf1se4rnwRav2qSGKBdva7JOv4Oork3VtYFjpDifZH2l6qAc+bj76dOnj02So0ePrjaUlWy7tkVA
-BH45ApUCPSfynttE3vP3kyeFYSNHhfeffyGENq1C3+hC7t69e/joo4/CTz/9ZGENLvTvv/8+dOrU
-yYQSgZ4RrfzAa27RooUJB+Lht9GzZs0yYcBbI5Gfl4tIsruICC9CKHxOmzbNsuDxuXDNnDnTJgAm
-i3idbou2UNYnAfKwj3qrS+ShvUwu1FWbcuSjLzCgXXynrSTa4Mnz0R/aAQ/6mGyTt9P7nWwDNnlR
-lrZSL3mcDfVTlmPs9zrYjyAjzltvvXX48MMPA3cxnN9kG7zN+hQBEfj1CFSu4pgTCWqzaKnd2Jkz
-wtfjx4bHHrw/3H7bbWFMFKYgffPNN+H2228Pr7zySnjqqafCjz/+aBf/8OHDTZAXX3xx88wQcRcp
-91gRDpJv89338T2ZEBLEixDJxIkTQ+fOnW0ymDRpkgkP4RUEZYkllgjt2rULY8aMsTqx6RMDt/Dj
-x4+3ckwklGUb2+US5Wk/gte1a1crO2XKlGrLUQaxHDlypNmmXPv27U0IKUt93ia4wAsPlnzsp754
-Ij/9pr30m9fkyZNtn7edT/gQYqLuxRZbzOqhLYiy1wEfktfBcV6U9xcTnJIIiEA+CVRenUgo656b
-Rhdwy+ii7d5q0TClR5fQbN4FjEe4zDLLWHjCPTjEc6uttgorrLCCeYyI5g8//BCee+4581zxBOuS
-yI/QbbfddqF3797hiy++MG+vQ4cOZmbEiBHh6aeftpj2yiuvXFnnd999Z3UiiHiMCNeyyy4b1ltv
-veBlEezXX389fPrppybq9CGZyLPZZpuFFVdc0UIzHKePb731lnmbTAbxci7O9HunnXYyPggneRDF
-l156KdA2BJu2tW3bNmy//fYWFqKveLmff/55eP75560+RJNJhLj9aqutZu30NhDDx+OlDMzxgr/6
-6qvQr18/Cx/B5c033wxLLbWU8SP0RB3cCQwaNCg888wzJuRHHHGEtQch53yefPLJNum+//77xkqe
-dHJUaFsEfj0ClQJd0YSK9c94drOmToq80opYMccQHTxLLmCO48UiNmuuuaZ505999pnFmrnoEcl7
-773XyiBitU3kpQ7i1niFfOKp473jDS699NJht912M+FBrPGc2UdcGyG6//77rX2I1jbbbGP1I8gk
-BHvLLbe0iWPYsGHmxbrYImT0h4eXa6yxhnmgCCf9oNymm25qD9W+/fZbE0Mvh6BSbueddzZBRYzJ
-Q4ydNsAHDogudey4446BO40vv/zSPOJevXqFtdde29rMpIY3izAzSSDon3zyibGmf7QBD5w+Es+H
-DxMGkxFhC/IzidKHeB09e/a0Omjziy++aO3DKyesQbvgyCREX71ftT1fyicCIpAtgYRA11wZQoOn
-iQeHF0ss+uyzz7ZbbsT12GOPNZHBCyUkUheBpnZEzycBPMbrrrvObvOJox533HEm1AjNjTfeaJ7g
-kksuGY466ijzHPFQEZv111/f7Nx6663htddes04hznvuuacJMN4ieUm0j/oQPR5m0h9sf/3113Z8
-jz32CNtuu60J7gcffGDlyE878UIRSYQWoTznnHOsDG/HHHOMeeII4R133BGOPPLIQFsJEd1www0m
-2Issskg49dRTw0orrRTee+89azveM0J855132j4mno022ijsv//+5ln7JMQkiWf8r3/9ywSZc0Jb
-8aDx3OkDfWOSo12cD+q49tprbeJAuOnrNddcE1ZZZRUTaGwqiYAI5IdAnQWaix4xQDQQTW6zCXHg
-tRE7xYtEuNmuT3Lx45NwB54oHh+CiZfILT7fERxEllACDwIRWAQG4SE/oRY8ywEDBpgA8x2PEe8W
-IUZcEVnK8ELIHnjggYB3zV0A3i4eJfFi2kLowicb/6Q8Akq7iCkffPDBFrIgBowtJhjq6dGjh3ms
-5MN7JvSCt0s+7hCWX355azNiT0hmyJAh1sdVV13V2kAfCc/QBtpP/bRt6NChJvp40/SBycDrWHfd
-da3tiDD1cCfABEFeuJEfe4SS/GFjfc6XyoiACGRHoE4CjTBwYSNMiAnf8fh4kdgmDxc8glffFLeD
-wOFRuijySSiA/XjsbPsx8vkSPiYIPG4/hk3ahIdN2xF17gbYT3+whWARo0XoKOft8O/k9+Tl6Cvi
-ufHGG5vnToiEiQChx3vHLqJIPsIIv/nNbyptY4u+UL//8IfvPBQkL33kxeTz8ssvW17a6InvtIk6
-mHTY5rXXXntV6Xe8DsTeQxn0AQ58KomACOSPQJ0E2i/k+CfeHhc5whJPCAG38J43fqy2372sC6SX
-K7ef4xyjLXjfeI8II4LkQo2HiUfs4kwZjiGKeM2Ebohb452ykgKh33DDDS0P5eIJuwgpP8AZPHiw
-xeOJlXfp0sUeZCL0Dz/8cCUfOBHbjrOivbyIBeP5k7yt8e/kcWG1TNFbfJ/3sVwdHCdeTn8o5yle
-l+/TpwiIQD4I1EmgaTIXNBc4nigix0Mx1tIShyX8gDDj9XHr7N5s1l11wUGMCbOwTVuIrxKTdQHm
-GOJICMb7wTaiRj4Elf78/e9/t7ANq0jwjEslyuOxE5LYd999LaTyyCOPWJ8JexAPXn311a0u4uh4
-uYQ1HnvsMRN/wh60EWEm9YxCMxyHHR4+EwZ8qYeQEg9jmQyoI57oK/kI4Xgd5OHBarIO+o2n7rz4
-hBl1KImACOSPQFW3d772VYixX9BcyHhiLBvDY0SI+Bk3KxEQB8QFQePBF3FVxJoy8fJUwbbvS1bp
-YhE/Xu57vCx5CGEQn8Z7ZsLgVh8RRITxTo8//vhw0EEH2eQS92Kx4+1EJPk5OitE8KYJWSCA7nV7
-neRHoBFNHkqyysKX9BFXRlRpE2VJQyOPnNgvDyqJBXv5Aw44IJx44okWoqDteLmsTCFsxEM9Hkwi
-tKzsoF0IMQnb/qIvtI+7GeogjIIN6uAcHXjggVYHYsw5InGMcoRiOHdsK4mACOSLQDUedIUYE78k
-rsnFjDgjCsREEYN33nnHBJoVBoQTuMjxREksEUMcECiPlbJNQiiwi71kciEkD3VSH3bZTxn3+NhP
-4pP9vMhHXcRrWXmx+eab2xI8whrEgYnTsp4YkXJBog0IO+1HrHiY9tvf/rbygSICTF4mJa+PT8rh
-jcKBJYY8tGQFC5MD9liHjJjCgYeor776qj1IxD6xcY5RnnwIOvboG6s8WAfO0j08cPqHZ4+XT79I
-zsDcj1kAAEAASURBVAG2HKcsExAxb0IYyy23nLUFsY/XwYTCuaNuJi6W75111ln2K1HCOog7tpRE
-QATyQaBJdEEP5H9OmTN1WmjRuWPos+kmYdr4CWHwXXeHZksuHjp37GSCgHfHwy9EhIsYESIEgPgR
-ayacwcWPKPBLQ26x2YewIRKIHyEGbt+J0eKhIm4IoCeEENscR4SoE08U0WU/8V0+WQnh4s82HimC
-42uXESAEl/YgytSJl8jDPEQOT5dy8UR9eLnURX9oM21EWOkr/aRP7hF7WfLDAaGkLvpMn/wHOwg2
-7aA+8lGePLSBOtn3+OOP2wREPlZccOdBm/kFJO0gDPLss8/aChnKIcaUZQUNoab4pAUD6iBfvI4n
-nnjC2kBf4MPkR3vZhhX1cvdAP5REQATyQaBRtJRrbqOmTaL/4ioSz/59w1bnnhXGfvNteGyPfUP7
-6DZ7avSgjIdlfrHHL2Auctb/Io6ICV4uAu0XPnnx2hB2RM+FljJ89+VecRSINPaSdbKfuCzHEDi2
-SXwi4gggdZBoFx4nAkte6kKUEDK2432wAtEbdmg/+RBHRI7vtJE+VNde7NFvF0YmDyYjmCB62KVN
-tBHxRcCZuOgjfWJCoizH+WQfjPyhIbZpNwJOXaX40A/6UFMdlHdm9InvtA02pbg4H32KgAj88gQS
-Ar1M2OrcP5lAPx4JdNu11gxhVsUf1+fCL5UQFC5sDxvg2bHt+REAXuxzAUAQ4ttJu17Gbfjxuuyn
-DvLTLuqiXWwjluUSxynnZRAtkrfV21+qPPaxTVlsJDlQBvvw8nx893Jx2952JgaSi6fzwA4v37ZM
-895qWwd1ez+pT0kERCB/BCpi0NzVRhd8pESVf17Um+ri5NvJTxc8LniSb3u+UuVLCYvn57NUmbru
-9zpcfHw7Xk/yO/XSfi+T7Esyf3wbsSMhuKRSZbFPPkTU83k5KzTvzdtaF6ZevrZ1xPtJGSUREIH8
-EahQE7R5TnSRRv8fYbPo9rtpdOtrmh0iz7eWbc7rRV6fdtWnjGOqTdna5MFebfN53fHP2pStTZ64
-TX0XARH4ZQlUCHQkzo1bNA+zoweFIz7/MkwYPiI06xz9OcwyYY1ftomqTQREQASKScBi0NZ1vOjZ
-0R/H/+jL0KRr9LPhJbrgwhWTinotAiIgAjkgUOFB05BIi1lu13qNFUyY51bzMC0H7VYTREAERGCh
-J/CzQM/r6tx5D7sW+p6rgyIgAiKQcwJaX5XzE6TmiYAIFJeABLq45149FwERyDkBCXTOT5CaJwIi
-UFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUlIIEu7rlX
-z0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwERCDnBCTQ
-OT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMTpOaJgAgU
-l4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlIoIt77tVz
-ERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwERyDkBCXTO
-T5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASpeSIgAsUl
-IIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo4p579VwE
-RCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARyTkACnfMT
-pOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqeCIhAcQlI
-oIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq45149FwER
-yDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwTkEDn/ASp
-eSIgAsUlIIEu7rlXz0VABHJOQAKd8xOk5omACBSXgAS6uOdePRcBEcg5AQl0zk+QmicCIlBcAhLo
-4p579VwERCDnBCTQOT9Bap4IiEBxCUigi3vu1XMREIGcE5BA5/wEqXkiIALFJSCBLu65V89FQARy
-TkACnfMTpOaJgAgUl4AEurjnXj0XARHIOQEJdM5PkJonAiJQXAIS6OKee/VcBEQg5wQk0Dk/QWqe
-CIhAcQlIoIt77tVzERCBnBOQQOf8BKl5IiACxSUggS7uuVfPRUAEck5AAp3zE6TmiYAIFJeABLq4
-5149FwERyDkBCXTOT5CaJwIiUFwCEujinnv1XAREIOcEJNA5P0FqngiIQHEJSKCLe+7VcxEQgZwT
-kEDn/ASpeSIgAsUl0LRk1xs1inbPnXeI76Tktu/z477Np+9Llmnoba/T66vvdnVtLmWTfWkTLOLt
-TmuvPuWTbUhu18dmskzSZkNvJ+vTtggsqASia4PLI5bmE+jGTZrEDuurCIiACIjAL0VgzuzZVar6
-WaAjr3nOrNlh5Pvvh1lRFny7pK9TpaQ2REAEREAEGoQAWosYd15p5dC4aeQkz61wpU2gGzVuHKZP
-mhw691g67H3qTaFFy5Zhtil5o2DRjnlyTZmG26ZfFY34+VZ/rrUr6zqoOV5n3bbJPTfiUBGeqOBY
-0Y+I1s89ikUvfs4zj2eUPeqptcHMJLepwQo5/3LbnA9vx7w2VG6XbufP+SuOw4Ei5ds4r47KNtZy
-u7IP1ON1VLSx/La3qaKOn9tUdTuyRsaKxFfMxnbNO6IPEcg3gXnjlmu9ceMmYca0aeHxm24Oo4YN
-Cy3atg1z58wx0bZOcJHOnjM3TJ4xI8yIBJuDFWpsV2ZFR+0iiN4qrpx5F0V8mwzJ/BW7KiqpMGPv
-NI5kglJdmVrarLRXYdYu2nlfYwpUsednRZq3HX14efbMq7Li4LxtNjxPyTbHOczL63b49FTFRrSz
-LEsKJGzWZduKz2tAlTqjjcrtlHVYv2J1JLfnmZ+/H9GBWrfBjFYUoEySPXUoicACTgAneebMGWHO
-3DnREPcxHw33VVddteJSQSiiTHPatY0+owx2Mczrdfy7g0ju+zW2aYv3hfpJvs33hmhT3GayjuQ2
-eT35MbaTbYrv83y1zeP53UZym/2+z23WddttePn6blPObTRkG9wW9pVEYGEgwHUSOciNJ06KPt05
-rgh7VHRvnlfZZOy4ny/whaHj6oMIiIAILAgEIpGeyyKNmAf980PCeR2Y2zTahZrjpfhnuc4ljye3
-y5X7pfcn25Xcrqk9yfzJ7ZrKlzuetJPcTpZLHk9u1zV/snxyO2lP2yIgAtkQ8GvPQ57zaplPoC0m
-6reQ/lmuScnjye1y5X7p/cl2Jbdrak8yf3K7pvLljiftJLeT5ZLHk9t1zZ8sn9xO2tO2CIhANgTK
-XHv6JWE2uGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
-ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
-E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
-IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
-CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
-REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
-p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
-IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
-XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
-UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
-AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
-AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
-BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
-QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
-AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
-NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
-BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
-KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
-DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
-VQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFIT
-kECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMi
-IAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJ
-dDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQRE
-QARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECn
-RigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIi
-kA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZc
-ZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARS
-E5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigD
-IiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0B
-CXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUE
-REAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BA
-p0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiAC
-IpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2
-XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAE
-UhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0Yo
-AyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpAN
-AQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVV
-BERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQ
-QKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIg
-AiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0
-NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERA
-BFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQDQEJdDZcZVUEREAEUhOQQKdG
-KAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0NlxlVQREQARSE5BAp0YoAyIgAiKQ
-DQEJdDZcZVUEREAEUhOQQKdGKAMiIAIikA0BCXQ2XGVVBERABFITkECnRigDIiACIpANAQl0Nlxl
-VQREQARSE5BAp0YoAyIgAiKQDYGm9TXbqHGk7Y0aVRSfOzfMnTOnvqZUTgR+dQKNo/HcaN54nhuN
-5zkaz7/6OVEDQqi9QEeDtlHTpqFRkyYmxrOnTQ9zpk41ho1btQpNWrYIiPbc2bPD3FmzfhZvURaB
-HBJAhJtG47lJNJ5nR2N2xowZYeq88dwqGs/NmzevPDYrGs8u3jnsipq0EBOonUBHnkXjFs3DzAkT
-w7TPPovEeJHQevk+ocVSSxia6T+NClM++jLMnj4+tFxuudCsfbswZ8bMEKKLQEkE8kYAsUWAJ06c
-GD7//POwyCKLhF69eoUllqgYz6NGjQpff/11GD9+fOjfv39o165dmDlzZjScNZ7zdi4X9vY0WnXV
-VcuPOrzmyMMglDHpnXdCh/XXDz022zh06d8vtOncKTRv28b4zJg0OUweNTqM/PyLMOzZF8O4V18N
-bddYwwQaj7oyFLKw01T/ck0AgcVjRqDficbz+tF43mijjcIyyywTOnbsGNq0qRjPkydPDmPGjAlf
-fPFFePnll8Or0XheIxrPlMfbljed69O8UDWuvEAjztEt4Jzo9m7Gtz+GFY46JPTZdKPQrmsXG6Az
-oxDHbLzkKDVp3iw0a9kyGsBzwsQRI8NXz78UPrn6xtB86SVC48iGQh4L1ZhZIDvjIQ084REjRoSD
-DjoobLjhhmGxxRYLxJ+nTZtmXjKda9asWWgZjWfi0D/99JOJ9E033RQWX3xxC4so5LFADoEFstFl
-BZp48pzIW5g1cnRY9+xTQo9117aBPGbosPD9Bx+FMYO/DtOiW0BSy+gWsWPf3mGpVVYKHXv2sIE9
-7PU3w+vnXhyadukUGs+LW9eFEBfUwuap0CcufD6nT59eq/6Rl/RLs6hPW+tyfn/pvIgw3i+e8R//
-+Mew5ppr2nj+9ttvw0cffRSGDBkSxo4da+cGb7p3795hxRVXDEsvvbSN57feeitccskl5mnjhdf1
-ISI8aQPJz2kWDLD9S48V+kGdjG1i+ZrAGu7MlhboCDYCPW3IN2H9888KvTdcP0yL4nVfPPVs+PTG
-W8OMb4aHxot3DHPGTIxaEg28ju3DnB9Hh+Y9lgjLH7Jf6LflZqFlFLf7+uVXw6tnnBda9u5escpj
-ntgkm9+iRfSAMarTEwOZ15QpUxaqW0r69O6774b27dvbbXV8IHNhceETG/UEE/Yh5gz8OCPPk9Wn
-t5X4a79+/Rboiw5u9Oe7774Lp59+elh33XUDYYznnnsu3HHHHWHw4MEWf+bhIImHhT/++GPo27dv
-2HvvvcOAAQNC27Ztw+uvvx4uvPDC0K1bNxPockLLeGYywFunbvJhm09s05a0CVt4+ry8Hdjl9Utf
-N/SRvn788cc2rhkzCgWlPcMV5ZtEt20Dq5iKTjwPBCe99XZY6cTfh/5bbR5mRIP5/TvuDu9ddElo
-3bdPmD1rpq3a6LDGyqF1r25h5tjIk27RLDRfokv46rY7wpwolte5X9/QsVfPMLdN6/DtnXeHlj0i
-kS6zuoN4IBePv/Bqvvnmm9C1a1e7pcRbcXHywejb8bZXd4x8pY6zL26rpu1ydnw/tpL1uE1E4YAD
-DrAHT59++mlo3bq15eU4QjxhwoTw4YcfVnKABxyw2aFDhyqDPlkH9XvyY2zH+5Y8XuqY55k0aVI4
-8MADw3LRQ18uPG+rH19QPmHBpPf222+HY489Nmy22WYmYPfff795xD169Ai8EBU8QISUh4Z4zqzy
-uOuuu+wYYk0+8txzzz2he/fuZSctxvMPP/xgNpiEiW0j7t9//71NBM7dz5Nvw5R98e1S+8hD295/
-/30bH8nrpkuXLjaesrxu/PzTVsJDnTt3Dvvtt5+1n376naLn02f9CMw3lRN3njl+Yuiwwfqhz4CN
-zJP+4slnwsdXXBU6rr9emPH98LD8ofuFzS85Pww47aQw4NST7Dv7OEYe8lIGLxwb2MImtj0hSO5B
-PvHEE+GTTz4xIeATL/OGG24II0eONE+HwcigxFtgsCMWeAo+wLHJQOHi4njcC/X62Mcx8pCXsrSB
-gURim/1Jb55tr598lPE28N2Tl2Uf7aOc22Sbi56HTr///e/D4YcfbqsEfBCTl35vtdVWgVtpvvNC
-rB9//HHz+PDy6IO3G5u0AybJhL14X+PH45zoVzz5McTqyy+/DH/4wx+srdz+O6d4/gXhO31ktQYP
-BIk5M26ef/758M9//jOst956ds4RGO5Q8Prc82UfPMhDXrxtymIDW9iM8+MY4xk7zz77bLj22mtt
-UiDG/dprr4W//e1v4YMPPjB7n0UroThHPl7dC6Y+OGPLE9/ZxzFPbDMJXHnllXbNMIHGrxsmV+66
-GIuMl/peNz7WfLzTFvaR+GSbcc2qF1a7nHnmmTYBMnbom+f1duuz7gSqXqFReVZtTBv0WVj2rNPt
-geDoIUPDp/+5LXSIYnbThn0X1jr9hNB7g/VCdHYqf5zSssMioVMUe263xOLhrb9eZnkps+Rqq4RO
-vXpGKz82CR+cd2Fot/batk6aZjLgGNDM8uuss44NbAYdgw+BwHtbfvnlTZyIFzJIhg2L4t/R7Exa
-eeWVbZAzEF248FJIDBo8Py4yEja5OHydK/YYtDwswt5KK61k7aEtgwYNMk+Ji482MtgQQ7wSLqpx
-48bZxYFd2ke4gnq4xaNsnz59Ko+vtdZaZoML1BN2Xdj9oqMt9AOvjba999579nCKdiMG9BUeQ4cO
-tQdVeNqwInG7zYu+YY8ylMceCXskhANO5HFOeIQsLeOWmHbxSrY1LhZmaAF7gzVL6U4++WQ7h4yh
-22+/Pay22mrGKO5lxrsGJ47BkbyEQhgnMGPlx8UXXxw4vwg6CU6MZ14whyXpmWeeCaeeemo48cQT
-wxtvvBH++9//hlVWWcXEi20S3vhSSy1lMXDO3QorrFDpZDC2cFh8H21ivJAYF4xzJgTay10WDz+x
-t8UWW9h1xXioz3VDPYz7+HiPVnxZu2gTAsy4YbIjIcb0eUEfL9aZHL3NJ9Bz58wOTVq0D4v172cn
-/YcPPrSY86wpU8Pyhx9g4jwnOhlzows+ylDRlWhQIuwI98SDR4RPr785zBk5LlC2c+9etiwPm8lf
-GzKoEA4GNbeg22+/fSUavJZjjjkm/PnPfw7nnHOO7d9hhx3CCSecEPAQbrnlFosTIojDhw838Trt
-tNMsLPLmm2/aRbj66qtbOQQJgWMbQcabQfC32WYbG8h4rQwwBHiXXXaxmCQeEoN0xx13tIsU8cUO
-Nv7617/ahclFyz6WYGFv3333NYE744wzbA3tfffdZ23EE+XCpk9c8O5ZJD+pj8H/r3/9K1xzzTXW
-9kMPPTRcf/31YZ999jFvlvLwGjhwoE1kXCAPP/ywiQWTBO3hIkVUuPX9v//7P7tgl1xySRP9r776
-KsAJz+7JJ58M//vf/ypjsgiBtxXvzEW+8qQsgF8QUCZs4uiMN7xNGOAUwJp91SXKI3LcwVC2Z8+e
-ZstDTvGy2EKgsOvCfdRRR4Vzzz3XHAQmW0SOCRYv2s/DU089FbiLZDxuuummVg/CyPjAMRgQxcAJ
-iXFH6c4I9TJeGPtbbrllZTMeeuihsPXWW4ftttvO7BAiS143lOEhKA4Kd0fJ64Y2Is4+ti+66CJz
-ABi/THiU5XpgDJ1//vl2N0HMnnGp1LAEqgg0IQl+Idh6hb6hTaeOYWY00MYMHhIaL9EpNIlmx26r
-r1bhOUeiSt7KFA1MW+/cvHnotsZq4Yvb7g6zojKUxQa2sDkr+t4kyhMXagY0A5sBQdp1113NY0D8
-CAUQ+yOxzGmnnXYyccbDJpaLWOOFMGDuvfdee0CBsFJu5513tgc8lL3ttttskHIMj5dYGYOQi/SI
-I44Ip5xySvj3v/9tn0wGfD/++OPD5ptvHhicL774Ythrr73sFu64446r9BIQz0svvdS8KS7E8847
-zy4+vKEXXnjBBBkPaoMNNrD9tB+PlaVbJA+38EmCAy8Xbva5R8LFSNp9993NG6MMInDYYYeZmHOR
-UZaJi74jAt7X3/3udybWLBMjftor+lEGIkL7mQh4cIb38/TTT9stPD/QSLbVKl/A3mCHA9AzEtVF
-F13U+swPUDgH8IRXTYk85KUMYgY3VnnAENt4s35usMV3RIx8JCZznqkwsTNpcpyxjqccPw//+Mc/
-TKTJ/9hjj9mETHnG9SabbBL2339/cyA4p+6d+7VDPk/UzfihHsSZUCHXFE5N/LrBiaF+xgPrwEtd
-N6x2Oemkk2wMMjFw3XAngEOAI8PYZwJhMqG/tCvOwtukz/oTiKlsZITBOHVaaNGls/0IZXY0AKeN
-Gx+t1ogu9uWWMaE1cS01sKN9HGsTDd52yy5jZSjLWml+0NJisc5mmzqiEVTZYj+hPqB5eMMtGQ90
-GBTcyuN5IDqvvPKKhQF+85vfmKeMiOIFMJBYEkV8F3Fk8JEfT2K33XYLe+65pw1+jjGouF1k4J51
-1ll2gW288cbWHurh4uHWlTQg8lzwlKiXRD0s09p2220rRZDbVxIPADt16mQDlH3cUl9xxRUWk2OC
-oE486rgHhHhjG2EkcWFx0TH5kJf4M6sG6A9eP+mQQw6xOvDaEQ3CHggtibsE2DzyyCPG4fLLLzcu
-TB4w/fvf/26ePBMYYo0XxzESt+xMSEyMxBMRBtq6ICfElXHFAyzucLjDYCkdk5uPu9r0j7yU4dxj
-gzGCTQ8r+YTKJ3dh5MfrZjJgH04GIshYItR22WWXhZ7RpBE/D0yi/CCGux4mdE+MRR444mEj6kz8
-jBsSHit3Bw888IC9GEuEX5ikyY9TgTj7dcM2D965bvCiEd9S1w1lmNAYx9xxUsb3/elPf7K6zz77
-bGOADa41QoGMF3nRhqfB3qp40A1itWanpEo1DHwGPQ9jGLx4JOwjrspARFS4hWPG5oLAw8UbwMvj
-IiFxK47nsHYU4+Y2FKE58sgjK70GBg3izK0eA4tbN275KYd3QxyPtOyyy9rDFuomMXipB6Hl9o6l
-Vgimx3/xdghHXHDBBXYR0A+EFWEk4flgHwFF9PDU99hjD+sjbf/Pf/5jXgdCwndiegg0ng0CSp8Q
-A9qPt4Yoc4HwQAg7eCyjR4+2uLcvHcOrpv3wIi93GLSbOwZilmzjwTMJ8OALZtwVMDkhDgcffLC1
-lYuTiW1BF2k7Eb/QG+cRXowrJnc+OW+EjRgTTBKcJ84F54GQBZ6xnwfuCPFOET3CZZxLPFQmeMJ9
-OBuMBcY/55/vXCuMUxLfGT/sJ+HZMg5ox8AoJIaXHL9uaJtfN4wprpujjz7aHlTjvCDShLpoI2OD
-PDgaxNiZcAjNeCju6quvtvGu8WLoG+ytqkDjwbVqGaaPHBX4+TY/5+YBYONF24cJg74MkyMPgu1o
-BJi3XaUVUVnCHpNHjwkTBw22tdHk5VeG00ZNCPy9Dv6oknnP0UD2hLfBwGbw4OUhSAwoBIv4Mx4E
-A4EQBzFqBhhCxsD1B4YIH7dvDGrWreJVM2Dc88UG3iWeBZ4ut5CENkgMOkIdiBTeCGEKhI0BTdwY
-D5XEAzzqJdbG7Srt5jtt5aGMe8FcJJ64HeUiISGaPKzy20Ds8fIBzW0zHLgo//KXv1j7KYdgMglw
-C0zYgYv3qquusgsLcWaiYWKAB7erXDyUgR8XMuzwuvHWqBuBYBKhLl7uEeLdlWqre4e0ZUFLtB1P
-Fk5+h4PoMNFztwPrmhI2ED3KcI5wIBirrFzgXHMcjp4YI+SBJcKGt8w45hkL45FxlzwP2Oc8ENMl
-VIU3zd0fY4sX+/iRDOOMNvt5Yuww1j0MSBvuvPNOC3sRs8axuPnmmy0eTZnkdcMknLxurrvuOhNj
-HBrEm7tS+sd459pkUmFS5xh1kxBrd2psh94ajECVEAchCv4q3ZRPvzKh5efbHfv0CnOGjw6zp0wL
-373zXhRkiwZkk4oVHAxOeyGy0b7oLFoeHihShrLYQLSnfDLYbMfjz/SCAciA5ddcCBBPnxFiBjW3
-azzAQ4AR3kcffdQe2vE0Pb70C1HiYR5eBTM6Awqh5ZYOQWLJE+EAvF/qQcB4mk4ifED9xNe4hUX8
-EF7CGFzMrDUlcVFy4WEb4SMvt7PsI96LDRI8PHF7TR4SA5rEhUgZbld5mo/3zgsPHQ+L8ggBiQdG
-/4mElltc4uwkBJpJCh54xIQzsIcAwYuJCe+bhzdMPkxMMMHrRwiYnIhjwwfPDm7E2akXO6R4W+Pi
-YwcXoDdEBRFjrBDaQKzhyPmFRfxcVdct8lKGOxtscO6xiW3qiCcEFH4IMuMVcSUfY5DEWIEp54Hx
-ymTMeWDce+iC0BNOA3eVLM0kUZ4HnYwV9pOww4tJmrs1ko9r+sm5Z5wwRrh7TF433JElr5uBkWNC
-rJwxjofNHSshEa5HHj4zcSDMsPOxzdhHuGvL0xqqt1oRqCLQlGjUOPrzi9PGh5+iP3wE8CVXXTn6
-mxpdQ8vuS4ZBN90ehrz6WmjcqEloGg06fsLNiwd/jaNyQ159PQz6z+1R3qVCs25drSw2sDV7ejQw
-o4GeTAww8jDwSYQziMEhrJ6YnREPPBA8AzxlBBexI/GQiyfzeLGsoOC2DO+VgYvQIrJ4JQgRT8oR
-W/c6iN+xzQWBaJKoh8HLAORCIhEP5sLjYuKi4QEMt4MkPFe8Hy7W+CAlZMOFgtfEigkmIPIx8EkD
-BgywevkkeXnElsStL7eaePJ+oeLpEjZ56aWXLA+3yyQubmKBTEDElYlZczHhOXFh0jdEBu/n+Wjl
-B7F4RIaJiYSAsyKGPtFWJkna6owt0wL4xjmDATFSzg3hAPrpt/c1dYny5KUMZbGBLWxyLJlc+Pkk
-EcvH+yU0wDjBw+U8MN78PHCXxl2OT/LEjxk3eKassiERB6YMLx8v7GfMMIETmyZxJ0i7eLBNe7HJ
-eEb0a7puPIzHuKHd9GGz6Ic9iD53cLSJ8cExYtgcI2EbZ4JreEEfL9ahHL1VjKJYg1iN0XLZ5cLQ
-514ME6NZkb+tsVz08+1xb0drlHt0C29eeGn44N77w6ivh4TpkbDxGh19/+Ce+8Obf700tOzZLcr7
-dvRjlv2tLDawhU1b6RGvKxrsJDwMH5x4ncze3FLywmvgwSGiRByPMAGxX7xNQhIkBjFiQh48F2LC
-LANiyRHCyuyOR8kxwiJMCtgkxIDwUY6EIJIefPBBu5XEU8IGg4/wCBcYng6TBIOSC4V9rENFOOmH
-e6FcSDx4I2xDu4mNc7vLLaVfvFz43EH4oKZdDHImHMSTskw41IVnT0KYmXR4AEUeLhomkoMPPjhw
-e0pfmYi486Cv1EV/SExcMCMPx5mc8LrxmFgKBgfEhLZyQcbbagYWwDc8Wp4twI3YO2ECliwyYcEN
-PvFJ1bvIPo6Rh7yUoSw2ED9sJkMklOEVHwc4BEyynAPuXPCYuXthvOCJch4Yi3jA3Bkh5ITzCMtw
-HXBOmWAJT3jIw2PM1OWrSxB5hJqxypgljIXDgiPB+GOcJ68bJoLkdcNYY7LHMaFdeN6Uxdng+Q3X
-I4mH7ITVEGrGCw8RGb8+/vmulJ7A/D/1jmbkpm1bhwmvvR6aRwOy63L9w6Ldlw6zo59sfxMJc5v+
-/cKPz71sovvjoM/D0JdfC4NuuyeMfOOd0KLbEmHsG2+GFY47Oqy48472l+wGPf5kGHbL7aFVn97R
-2unI45134vwCQJgZ0KzB5UVYgWOcYC4AhBixRVzxivEYmMHx8rhY8Eb44QHrVHnwxkXFjy1YRcFA
-ZtCzbI7bfmwhejx4RPAY+HhC1MUA5wENXjdCxT48DzxL2sR+BA4xZVBzq8rFQ8iBi4q6EFzqpk3E
-OBFIJg++49Vwq/l85L0irvSVi9S9ZhiQhwuRQc+LBzPcJvNwiNSzZ08TTtqDkGMDr4e24NVhmwnD
-+0qfmBTIwy/gWKFB2IMQCtwJ73BnwYVP+7kosU07qBd7tBUGCPv/t3cmQFpVVx4/LCoNNPvWbAJK
-WAV0ABHBIEhSkSRGxolJWRqFEU3QWJNK1DhxRK24JGPKiktM1SRWxZpEJ7FcaibgFmM0ImFYHIMR
-BG3WZmm62UEBM/d3Pk77+vFtvdB83/vO7fr6vXe3d+//nvd/5567PNql2Bz4YjtlYJgXMoO19MgY
-OIWAwMqImjZHfsAGokH+IFAG6Hgp4o/cgSMvRmSBNLh08my4IZcM9JndmxcoRAjW1g7YelEIiMsK
-UsYMkFV6OpAibWSOOlE26gWRQ/TICzKArCOT9JS4B+XnuSF+Ps8N5kSeK0wp3BuZRl5QnFj2Trkw
-sVAf7PCEYT6CsOnFQuTILfgWo7wYxoVyzL5ZUuXG1GZJYQHKoUACq19KbZZ0ePN2adO7mxytZbOk
-YLPsGjZH2VYjp/bvJSOuvkKGsVlSEIoP/rw4tVnS4AGpuc9pHnAE3EwL2JKjQk/eNDLkhfAiAHFH
-Fx+yIgzBMgdp4k/+CDddf3MILAIIGfJwIlAIOJok94OgeLhIS5kQUs6Jy+h71KEpU2a0fR4ISIDu
-KGmIjxaEf9xF62r35GWSro6UizJBohAIxGwO4iQdhMGLgzpF68qDAhb484KirvzMsRoSnMgX00qu
-slq6YjrSdtSPF6ZtloRZixcQL3cw5wVsA7y0JdooZg1suGil9CYgeXpnELy9WOM4cK+oPCMHkDD+
-yBSOlyUvPu5hDnmE7FAKFgQ7MAoGYyZo3BAiZTKHvJCn5Wf+dkQmkXniQJ7pZMqeGxQbiNYcsgIO
-yDRyEZd3k1vCIH9wiDoGF838SJ3dNQ2B9AQd8sRezF7QR6prdbvRQeeGZcvBb2fYbnTLyv+TnWvr
-bzfa/cwhanNmyTcDgZVLlspbd4ftRrt3Te0JHWvIaLHRBCAfhCpdoxpJQ9SEow3gxzmCyzlkSDjn
-ON745IlDUBEoHGkQPsI5t7zRmCAxcwgp94mXCX/IEke43R8CoB52X8ubfCkb18THIdR2f/UI/ygH
-+ZI/cc1ZXNLiz32MUElDXagf+REnV12z4ZRvWa1sxXQEN+SBHhMaJkSDHyYAuugQJkoADqLkhYcN
-F7MGbUAPDvMPvR4wjhNTFIu4PNNOJh8me7ShySvtipyhMaPlQuCYUTB7oAmThjyijmtry6g/dUQW
-cMThHg15bigH9zMZNHknL34m75xTB2QGRxrkl/SUwdJroP9rNAIZCTq0RmrD/gD8YTZI+uYcYeOj
-8mB3gj8OhwUtR0IYrm1opFPC9LyQRO3WumH/o78MGnUfaR3CMu1i1+hSe0JHoIEIQCgQK0SCSeDq
-YLOHCOl1QCaQGtouDkKD/HD0yrBfYxemZwQhnQgCogy8IHh5cI8FQYvG3AEJnoj7aeX8X8EjkJmg
-KTokHd6KMLJ+8mrK+TLowgt0n44OPbrJqaHLjGM70v3VNTpbgwHBXW/82T95pcj4v0JCAJJGy4MM
-MQ8wWwiSxsaL1owJCIepB7JkcAxybqlPXlE2M1tg1qKc1nMqJBy9LC2HQHaCtnIEQWkdFpywZSg7
-3dV9NLbXsZV828NHY8PcaabntRsePhrb2T8aa9D5sfAQgPjQUrFDRz8ai8aKwyZbGQZYMYcwqIj9
-OZ2ZoblrxguElwTmEF4SXLsrbQTyI2gwQpsOXUQ0ana8Y1Ml9u3AsfqQBS6tWoewYAd1k4bC4v8K
-GAEzeaC1oqVi3rCBOOyumDksrCVNDEbKvETcOQJt84YgCIySbxBmHItT2hyz00Hefz8SiFmOLZ11
-4cobVo94chAw8wHkjEOjhpRxkCT+FtaSZNmS99LK+r+CRiB/go5VI75kOxbsl45AUSGQbVZGUVXE
-C5soBI5bSZio2nllHAFHwBEoYgScoIu48bzojoAjkGwEnKCT3b5eO0fAEShiBJygi7jxvOiOgCOQ
-bAScoJPdvl47R8ARKGIEnKCLuPG86I6AI5BsBNJMs2MDofobzycbAq9dMSLAfOFWrdAv8lttx9xm
-n2NcjC2d/DJnk83jCProJ0ekbZu2+gvLT7Kgw0qnbOHxpLni5wqP58d1PE1zX6e7Z0P98ikTeUax
-jKbhHNfYcNLG84jmHw3nvNBdINrwd+Ro2Gkx/NqE1avZnAk/y6fdOQKFiACKA3JqshotY4Sg+TDk
-EenapZt+KSGX4Ecz8XNHoKUROBq2G+DLMLt21ShJR19fVhYEnhWCtt2r+fvRESg0BJDV+FavlLGO
-oDFrtAmaM5+xKWuX2gvZu4SF1oxeHhBAmFmW3atnr7Dh0R7dmzmdrOIHObOnBmncOQKFigA9PGSV
-fV+iLkLQYSvG0F3kxx4ELtBRmPy8kBBANpFRiNc2NIoTNHEQevxdlgup9bws6RBARpFVfmw7YPJc
-R9AkMkG2wHQZuZ8jcLIRMEGmHCaz8TK5DMcR8etiQSAqu/VHTmwsqVhq4uV0BOoGQB0KRyB5CNQn
-6OTVz2vkCDgCjkDRIuAEXbRN5wV3BByBpCPgBJ30Fvb6OQKOQNEi4ARdtE3nBXcEHIGkI+AEnfQW
-9vo5Ao5A0SLgBN1MTWfTvWyKjF03Nfvmyqep5fD0joAj0PII1JsH3fK3L447tm7TWlqHjXniq3yi
-pWdlG2RKnLZ8/TxMOD98+HA0St054bh4fqRh4YU5I3viOVEbKn5sLgSQL5MrkzW7jt4jU1g0fTy+
-5WNpo+GcW3jc36/rI+AEXR+P464QsOod1bJ/337p26+vkm9cuFixtnHjJjmw/4B06lwue3bvlfYd
-2kvfvhW6KiiaKWk3rN8QvFpJRd8+SuT48RI4sP+g7Ni+I6ySOxLI/Yh8cvQTKQ/59e/fT1fFsXou
-k8BH7+HnjkAuBJA59n5AnpBfZIujKRrR9MTD2VfPOUdpIA1+UZkk348//ljzQhHhPP5BXuIQZooK
-+blLj4ATdHpc1BeBra6ulm/fdKMMHDBQfvGLX0hl5Xrp0KFDndAhnDU1tXL55f8k0y6cJp07dw4b
-+OySP732J3nmmWelW7duqi0QD42a9fb3/ei+4PeJPPzQI+rXvn2ZVG3ZKrO+eLHMuGiGCjzCu3fP
-XlmxcqU898xzUhbi8DA4SWdpMA/KCwEIEnk844wzVD7ptUHCVVVVsmPHjjriJB7PwKhRo1SG161b
-Vyf3Z555ppSVlcmHH34o+/fv1zTIZrt27WTEiBFKzBs2bJChQ4fqhlVG4uTJ/bjPpk2bNAw/d+kR
-cBt0elzUt1XrQL47a2XkyJEyavQo6dSpk3x06CMVWiJAolVbquRb86+XedfNk4EDB8qhQ4fk9NNP
-l2vnXSvf/Nb1sm3b9hCvjcaFyCdMnCDnnjtRJk2aJBMmjA/51yjxVlfvDJpyf70X+ZSXl8uIkSNk
-7tw5cufdC/SBQmvhgXHnCDQFAQhx2LBhMmTIEJVLtFzkDTnv27evKg3IGfLWpUsX6dOnj1RUVOg5
-JIw/so9/9+7d9drid+3aVeOyiyBxe/ToIfihXKCcQOAcCXdizt2K/rRnwyi82BHEjz76WGMdDSYH
-SBuH/86dO2XqBVNk1qxZqhHM/9YNMvsrl8m3b7xJt8L80pe+JFOmTJad1WFLzKA1fBy0lKlTpqgW
-gnBOvWBqIPSPgqCm8vv4cOo+L730skyZPE2um3e9vPnmYjn77LNl7j/PlY0bNul9tQD+zxFoIAJo
-sUa6PXv21N7h4sWLZdmyZfL2228rYaIcINtmlmB3S9JAtqRBbiFjtG2InR4ism0b/HBNT5Fw4vLb
-u3evLF26VO/Dvf7yl78I2rWTdO4GdILOgVFKIFOkHOQ7jG6kEiDsu2p3y+TJk9XjxRdflLfeXCIT
-z52gR65x500+T00eBw8elNFnjZaRo0bKqlWr5N1339Wu46jRI7WLiJCzET0Ojbt//woV7J888BM9
-onUPGny6HDhwwLVoRcn/NRUBZA6SRJb37Nkjq1evDmMpG5VwIeT27dur9ovJrra2Vs/xIz6ki2mj
-Y8eO+oOsMf3Ry0RGSQPRExdHzxIzCj8I3PybWoekp3eCbmgLp+RNNQMEvE/o+uE2bNgog88YrMI3
-8PQBsnnTZvWnG0i3bsvmKpk+40Lt6qEVL3lriXb1ZsyYrtr2aaeFWSCaguHDMLoeztFYdoQBym3b
-tqngDx48SAci3cxxDCg/NAgBlA1IE/LEBozpYeLEiWruwFQBOa9fv17zRGtG/jBN8GEExmIwTWCy
-MDMHPUgIHq0ZBYQjcWpqapSITbPGb+zYsTJ69GgZM2aM2qUhaMrjLjsCTtDZ8akXquJ0TKZMuE45
-5diUuaAVMPD3Cb+wnysCjuOBQGsoK2snEydMlH379skv/+NxeeKJ/1RNY2LQjBHgQyGOaRV8auzo
-kaP6IBylexnOcaeGeOTvzhFoCgLI2Zo1a6SyslKzYewD4jznnHPUFg0BQ66QMZrvli1b9Mc5pE16
-wiFt5ByiR2ngSFqI25QInhMjccL5MZDuLj8EfBZHfjhprDZBCNsGQkY4sUYwNQ7NAVcWun54ntI2
-dBmDnbpdGOHGQc7vLHtPbv63f5H+A/oH4a2Rf739Ng1D4LH5YSa5945/D3OtU+o5D8Bp7U5TcoeU
-TwsaOIJOt5LvRbpzBJqCALKEXL7//vuqNUOYDA727t1byXf58uVKxJgvkFFme+AgX/yIj0kEeeTI
-ACPEzRGzBxo6pIyiAlHjh41bn5uQD/fnZwqJZu7/0iLgGnRaWNJ7YlvbWrVNBbC2ZpfO8LAu4fDh
-w+T3C/9bteJXFr4uTEPCbQymj90f7VASRiA7dSqXL35xlv4QdvywU+87WqOkT5ojYQ70lk1bZPmy
-FcFOPVIGBGKnm7lm9RrpWN5RHxTiuXMEGoIAsob9t1+/fjJ+/HjVkFEwMKFByhAuNmTMGpg8IFTO
-BwwYoD9IFz/IGPKFZDFn4MfMJXqLXKNVR8mXeBC9/Xg5kN5dbgRcHcuBEYKGgOEQ1ClTJ4fBkw6q
-GVRU9JFFC1+QmTNnyhe+8AX52c8ekyVLlsiDj94fZnZcrOaM3/9+oXzly5eGLuRZen3vPfeqOQMj
-M4tZbr31Fhk3bqycPfYfgmCnTBnlgcRnzJyu5Dz7H2frA7Bo4aKwAGaPTnViQCb6AOSoggc7AnUI
-IMtowtiLOUeW+DGdjrESSBSt18wbDGgTHwcRY0eGvDGP4I+ZA8InPvlg24bIo478yN/MHsiu3dfl
-OIrU8edO0MdjUs8HoUIwcfNvmK/EyNsfvxUrVsols2bL2HFPyDe+cZVcf/11MmfONap1oG3/6ldP
-yP88v0juuf8ufSCYXvTbJ5+WMePOCvz8d1n1zt/kkku+rNrMN66+MtiaU3br6dOny7Rp01Sg0TZ+
-97vfyX899Vvp17+fj4DXax2/aAgCEDIaMVPgWGQCsWJ3RuPFH8L94IMPlGwxV2zevFntyYyR4JBF
-zBeYQ9CisU0j52je9AbRnjmHoMnTCJm8mCoKGVMGnp2tW7fqTCbyxs9degRajRs3TtGBdAD2zDOG
-alfFQQsWhyBQdAGZaVERhJJBwFZhTw6Op5xyqlSGVVSvv/7noBnvlcGDB8tFM2cE4WZ+6Q75wx9e
-lXVrPwjadlkYKZ8gw0cMl8Vh9sa6dR+E6UjYqyXY5g4EU8gZauJ4e+XbQbj3yaTzztUl3q2DEO8K
-U5uWLv1f+dvf3tPl3t4t/FSIaRtIYO26teGllVpa/Glo6ow4TP3i6K4+Apg6GLBDk+a5h3zRhnfv
-3l1nT2awD/k3okX+mGZHGmzPxMVBzuQFeUPQELApMRC5KThWAvIjHlP3LG8LK+UjnIu9Psq9TtA5
-JIKHG8FlzjMOwWMQEDtxr149pXuPlK2O2Rlbq7YGLQTturX0DtPryss76DWmiaoQxvQ7NBcjWoST
-B2B95YYwgNhPX4ybg+0ZhzbD8u4eIf/yYHdmbw53nyLgBP0pFo05Az9I2swX5IENmR8vPsLQquME
-iuxinoDUjXjxIz5pzY/8IBr8o4Rj/nYvrt2lEHCCboQkAJrO3GjdRs0S6GJ0OZirjHAfCRsbcY5g
-RoUZoSWc9ISZ4ONnGl08jGsEH/OHunCwfFIe/t8QcII2JBp/NDmM5oAM4giz82h4pjDLK57G/ON5
-cB2Pmy5OKfmBR1yDdht0DglAwHROsqQGSuLRIWccxMsv7khvWgdhUYGNhxGOduLOEWgJBLIRZEPD
-MsXP5N8S9UvCPXyaXRJa0evgCDgCiUTACTqRzeqVcgQcgSQg4ASdhFb0OjgCjkAiEXCCTmSzeqUc
-AUcgCQg4QSehFb0OjoAjkEgE6hP0sdldiaypVyqhCLjQJrRhvVoBgfoEfWzBFVNjfHqMy0ehIhCV
-z+i0xWh5XX6jaPh5MSEQld26edAIOiuImMtr6/IzCX8xVdbLmkwEWPzDnHFkNp2c4mdEzgKiqNAn
-ExGvVTEjgLyyXgI5jcpzHUEjxCzLrNpaJRV9Kuot2SzminvZk4kA5Lw1yCorOdmDOx0B48ceE2zI
-ExX6ZCLitSpmBCBnZDUjQRPAcuTa2pqw6Umtnhdzhb3sSUaAZfZHVJh1aXyQ3XQOUkbpyKRlp0vj
-fo7AyUAA/o2TM+Wo06CtUJg3Pt3/oW5XCAsuqKPtUZb+8WS/jJSz8Ph1vDLpwvHLlj4aHs+P63h4
-c9wjnkeue6SLT9ky1StX/Hi94vEJPxHOltWTNz2+1mF/lE9rkf6Opjkj03aePqb7OgInBwEj5nTy
-eRxBU0SEP7or1ckptt/VEciMAEKdi5yjqdMJfzTczx2Bk4VANtlMS9AUNPUAnKwi+30dAUfAEXAE
-2mZjb4fHEXAEHAFH4OQh0DbdFpknrzh+Z0fAEXAEHAFDoFX4JJCNFZmfHx2BZkfABkLyzTgeP9d1
-vvl6PEegmBCITwAoprJ7WR0BR8ARSDQCbX22RqLb1yvnCDgCRYxA/b04irgiXnRHwBFwBJKGgBN0
-0lrU6+MIOAKJQcAJOjFN6RVxBByBpCHgBJ20FvX6OAKOQGIQcIJTkiTSAAALNElEQVROTFN6RRwB
-RyBpCDhBJ61FvT6OgCOQGAScoBPTlF4RR8ARSBoCTtBJa1GvjyPgCCQGASfoE9CULEu2z9ecgOw9
-S0fAESgRBDJuN1oi9W/2arL5VPv27aVr165y4MCB8HWaXbq/drPfyDNUBOxlyAUfm8DxFRX82dfc
-d2tUSE7oP7Dm1xBHu3jb5EasVVjq3TBkc+dZkjFMQPv27Svbt2/XD5oCRKdOnWTPnj3+AYQTIBX0
-Ujp27KgvQx72gwcPKlGUlZXpw8/Lce/evXpnJ4PmbwB7CSLjvAwb4mg7ngv/0k121Jygs+OTMxQh
-Rch69uypHyfdtGmTppkzZ46sXLlSli9friS9b98+1xhyoplfBHop7dq1U8w3btyYNdGAAQOkpqZG
-9u/f7y/JrEg1LBC5Zx+fLl26yI4dOxqW+FjsHj16KEn7NyMzw+cEnRmbnCEQRXl5uXTv3l0qKys1
-/ty5c+XKK6+UYcOGyerVq2XatGnqH7Z1lUOHDum5/2s8AmCO+YiX4u7du4WHfN68efKZz3xG6L2g
-yVVVVcnatWvlqaeekvfee08/gAyRVFdXO0k3Hvq6lJAzH5jmy+q4yZMnqxJiREt4vMdifpYW7fnN
-N9/U9JimLK16+L86BJyg66DI7wTBQ5gQqj59+siGDRs04fjx4+V73/uenH/++drt5hPqaG3z58+X
-hQsXKpHs3LmzwV3B/EpVGrEgZwgZosXdd9998rnPfU4GDhwo0a97Wxtt3rxZXn31Vbnppps0fu/e
-vWXbtm1O0opG4/+BL2YNeiaPPPKItgGE3RDHM/Tiiy/q89GtWzfVpCFvd/URaBiq9dOW3BUCBEmg
-qXE0cv7pT38qM2fOlH79+qnQvvLKK3LOOecoPsRz13QEwBHN2cj5mWeekQsuuEAzXrdunfz1r3/V
-rjZtRI9m1KhRMnToULnqqqtk+PDhcskllyg5G8H7NruNaxPw7dy5s8o5mvPnP/95NXOgEce15kx3
-IA96NKSdMmWKvPHGGwJJM2aQbx6Z8k6avxN0ni0KQfDgMyi1fv16TXXLLbfIpZdequYMwpcuXSo/
-//nPZcmSJaq5IWx0xd01HQFszobls88+q6YjyBqipueSzt15551y+eWXy6RJk+S5555TQkDrw9zE
-gKKTQTrUsvtBrjYgCI6cQ84LFiyQNWvWKPGmM1eQDi0bEsYcRXxekuSBIx/ieJvUx98Juj4ex11B
-vEyb69Wrl9qZMVN87Wtfk6uvvlq1ZEwdaHAQwF133aXpL7744jpBc4E7DtIGe/DgMgjLgOC9994r
-U6dOVU36hz/8oTz++OP6kKOBRR3mpTvuuENWrFgh99xzj0ycOFEefvhhueGGG1Rbw/zhrmkI8MI0
-+Yac33rrrbwztHQ8X+4yI+AEnRkb1dgwW6CpMQg4cuRI+e53vysXXnihatPYM//4xz/K97//fY3D
-jAFIxAZPyBpycdc0BHhBgitaFjZnHu7nn39eyZk2oUfD7Bl76LkbNmnMHGjbZ511ltx4440yffp0
-fakyswZzCYOM0TRNK2XppQY703oxWeAYD+DlGMeVeGjLmAUxkZiLxzN/P6YQcILOIAloBzzEpmnd
-f//9MmvWLIGEmTL38ssvy6OPPqpHskAwGRjEudApDM3yDw2LdgDz73znO4rzhx9+qOcQNsTNgiDO
-o47FKu+//75q3nfffbeOEYwePVpNUhA0JFFbW+sDhlHQGngeVT4wa+AgZxsMt3CeBzNPEce1ZlDI
-zzlBp8EJwaLLjKAxn/maa66RESNG6MP8zjvvyK9//WslZ5IOGjRI7WpoBgxAuWt+BGxAj0E/TErv
-vvuu3oTeDZpznJwJhBQgDRat4Gi3sWPH6oAh14SlS0eYu/wQAGNTRqJHcI2GkZv5cW5xOTcS59zd
-8Qg4Qccw4U2PvRnzxde//nW57bbbVINjbu1vfvMbwe6JYyYHDzmmD4TPH/YYkM10CTmbyYhBWh5o
-2sZc9GE3v+jRCMBWFJIHjjnpDFq5NhdFq3nOwTzeLtYO8TvE48XDS/26fr+w1NGI1R/hsR8CFu2m
-uWDFwGrBy0wPe64iNDZdrnxLKRy5Nxx5HuzcjvlgQVyLb8d80pViHCfoWKujCbN0FXMFpowf//jH
-uhqtoqJCp3O9/vrrct1116ltmj03BgUTB6sJo+Qdy9Ivm4AAGi5mDRwmJwiCBULmcj3g9iKljTgn
-DxzT9sxuann5MTcC4G2Y2pFUmc4tx2h4rjazNH4MpiEH4XgEECYeZOzQjz32mC5lZTrXli1bZMyY
-MXL77bfL008/rbMCMHEwG4BBQrOVRnOMCmbU38/zR8DMEAz6Ye5g5gaO9mBeerqXIySACYP5zjhm
-cpAPS79xhKVLp4H+Ly8EorJtpMvRNGuO0XOLQzpLa8e8bliCkZygMzQ6mjSj/AxE8TCzGOKrX/2q
-LozgQWflIItS+Nn0IdP0TBDJOnqe4VbunQUBXnq0A+7BBx/UaVqDBw+WBx54QAmXWTVMwzMiAG9+
-TLNjUJHe0A9+8AMdHNy6dau2H3nxUvVxA5BomIsSKpib4xnB8Sxg50e54Rg9t0Up6RQZy8eP9RFw
-gq6PR70rHmCm2UG8kAKzB1igwrznxYsX61QtVqq99tprSgJM+cIZUXMeFWiu3TUcAabRQcSYJF56
-6SUlYJZu0xa0CRgTzsvUfpDBqlWrdIk3g70QNvtyMMWuf//+Pge64c2QNQUrBHHMZqL3ydqB6A8/
-2xqBF64pLnbMmnkJB/osjhyNz9ueEX/m3qIN8OBjm+bHUu/Zs2fr0lU25GEBCxp1dEWVC2AOgPMI
-hoDRhJm7fOutt+qUx89+9rP6UsTccfPNN+s86XhWCxYs0KXekDZtwsZV1jOKx/Xr/BCIyrNpzfix
-fBvHghVepLSZxbVz4ttSb7uba9OGRPqjE3R6XOr5ImDW1WYvB5tix+IVfg899JBcdNFFMmHCBBky
-ZIgsW7ZM0yOgpHXXdAR4SdqcZrRnltaz0Q7bu0LW6TZLgjQgBXo7l112mRaCrjeanRND49oEeTbT
-BouHOOfFycswX1nnuWDQlj08WNiCI5980zeu5MWZqk3QKBYUZ9FbvtQIEBoY9ktWqqGZcc52omyU
-xMwPTCHsnkY8NIlFixbpijbspL5BT+PbDDwxdYAxxyeffFJ7NFwPCjNpGARky1dekqwYhIiZuw6R
-X3HFFTq4yHajaOJOzo1vB54BBmpZ3cn+G7wEMRk1BFPy4Fl44YUXdBCetoKs3R2PgO8HfTwmefsw
-WIgmAElgAsGx6tC2uESA2f+BeJhGnKDzhjZjRLCEHNC4eDmyidK1116rRMELk4ffN+zPCF+zBKAB
-Q8goKbjzzjtPtWgzbWS7CWnp1UDIvmF/NqRSYU7QuTHKGgOBgyzin7yi681OavbJK1ayoQW6azoC
-kLR/8qrpODYlByNpzBuYjBrjUGwg6nyIvTH5JyGNE3QztSICi8M+TTfaNk7yj8Y2E8BpsuHF6B+N
-TQNMC3kh8ygd/tHYEwe4E3QzY4t2h72ZbjgDID7ftpkBjmVnPRi8bXojXW8jD0we7k4sAmDNryGO
-dvG2yY2YE3RujBocwwTWhbDB0HkCR8ARiCDg0+wiYDTXqRNzcyHp+TgCpY2Aj1qVdvt77R0BR6CA
-EXCCLuDG8aI5Ao5AaSPgBF3a7e+1dwQcgQJGwAm6gBvHi+YIOAKljYATdGm3v9feEXAEChgBJ+gC
-bhwvmiPgCJQ2Ak7Qpd3+XntHwBEoYAScoAu4cbxojoAjUNoIOEGXdvt77R0BR6CAEXCCLuDG8aI5
-Ao5AaSPw/y/rbdCkSyETAAAAAElFTkSuQmCC" />
-</div>
-</div>
-<p>Let&#8217;s examine the main portions of the code provided in the sample:</p>
-<ul>
-<li>
-<span class="monospaced">SecureNoteActivity</span> - Main activity UI for entering note text and selecting an algorithm.
-</li>
-<li>
-<span class="monospaced">GetPasswordDialog</span> - Dialog to enter a password for saving/loading a note. When saving, requires verification of newly entered password.
-</li>
-<li>
-<span class="monospaced">PasswordEncryptor</span> - Abstraction of logic for password-based encryption
-</li>
-<li>
-<span class="monospaced">RSAHardwareEncryptor</span> - Abstraction of logic for hardware-bound key encryption
-</li>
-</ul>
-<p>Our focus will be to fill in the encryption/decryption pieces of <span class="monospaced">PasswordEncryptor</span> and <span class="monospaced">RSAHardwareEncryptor</span>.</p>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>Symmetric Password-Based Encryption</h2>
-<p>Let&#8217;s focus on password encryption first. Inside <span class="monospaced">PasswordEncryptor</span>, there are three methods we need to fill in:</p>
-<ul>
-<li>
-<span class="monospaced">generateSecretKey()</span> - Create a new key object from the password material.
-</li>
-<li>
-<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
-</li>
-<li>
-<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
-</li>
-</ul>
-<p>The hooks for triggering this logic from the user interface are already in place:</p>
-<ol>
-<li>
-<p>
-Implement <span class="monospaced">generateSecretKey()</span>:
-</p>
-<ol>
-<li>
-<p>
-Get an instance of a <span class="monospaced">SecretKeyFactory</span> using the "PBKDF2WithHmacSHA1" algorithm
-</p>
-</li>
-<li>
-<p>
-Create a new <span class="monospaced">PBEKeySpec</span> with the supplied password parameters
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Use an iterations count of at least 1000</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Generate a new <span class="monospaced">SecretKey</span> from the factory with <span class="monospaced">generateSecret()</span>
-</p>
-</li>
-<li>
-<p>
-Return a new <span class="monospaced">SecretKeySpec</span> containing the raw key bytes and algorithm:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="k">new</span> <span class="n">SecretKeySpec</span><span class="o">(</span><span class="n">keyBytes</span><span class="o">,</span> <span class="s">&quot;AES&quot;</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
-</p>
-<ol>
-<li>
-<p>
-Get a Cipher instance loaded with the "AES/CBC/PKCS5Padding" algorithm (already defined for your as <span class="monospaced">ENCRYPTION_ALGORITHM</span>)
-</p>
-</li>
-<li>
-<p>
-Use the provided <span class="monospaced">SecureRandom</span> to generate a random salt:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="kt">byte</span><span class="o">[]</span> <span class="n">salt</span> <span class="o">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="o">[</span><span class="n">SALT_LENGTH</span><span class="o">];</span>
-<span class="n">mSecureRandom</span><span class="o">.</span><span class="na">nextBytes</span><span class="o">(</span><span class="n">salt</span><span class="o">);</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Repeat the same process to create a new initialization vector (<span class="monospaced">iv</span>). The length of the array should be <span class="monospaced">cipher.getBlockSize()</span>.
-</p>
-</li>
-<li>
-<p>
-Initialize the cipher with your key and iv:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">ENCRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Call <span class="monospaced">doFinal()</span> on the cipher to return an encrypted version of the incoming <span class="monospaced">data</span> bytes.
-</p>
-</li>
-<li>
-<p>
-We need the <em>salt</em> and <em>iv</em> again to decrypt the data. Write all three items (Base64-encoded) to supplied <span class="monospaced">OutputStream</span>.
-</p>
-</li>
-<li>
-<p>
-Write the supplied <span class="monospaced">DELIMITER</span> character in between each element so they can easily be split apart later.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">We chose <em>&amp;</em> as the delimiter because it is a character not present in the Base64 encoding alphabet.</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-<span class="monospaced">flush()</span> and <span class="monospaced">close()</span> the <span class="monospaced">OutputStream</span>
-</p>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">decryptData()</span> to reverse the process:
-</p>
-<ol>
-<li>
-<p>
-Use the supplied <span class="monospaced">readFile()</span> method to stream the encrypted data into memory as a string.
-</p>
-</li>
-<li>
-<p>
-Split the string on <span class="monospaced">DELIMITER</span> to get back the original three fields (salt, iv, encrypted data).
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Don&#8217;t forget to Base64 decode each field after splitting them!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Init a new cipher for decryption using the same algorithm and key:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="n">Key</span> <span class="n">key</span> <span class="o">=</span> <span class="n">generateSecretKey</span><span class="o">(</span><span class="n">passphrase</span><span class="o">.</span><span class="na">toCharArray</span><span class="o">(),</span> <span class="n">salt</span><span class="o">);</span>
-<span class="n">Cipher</span> <span class="n">cipher</span> <span class="o">=</span> <span class="n">Cipher</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">ENCRYPTION_ALGORITHM</span><span class="o">);</span>
-
-<span class="n">cipher</span><span class="o">.</span><span class="na">init</span><span class="o">(</span><span class="n">Cipher</span><span class="o">.</span><span class="na">DECRYPT_MODE</span><span class="o">,</span> <span class="n">key</span><span class="o">,</span> <span class="k">new</span> <span class="n">IvParameterSpec</span><span class="o">(</span><span class="n">iv</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-<li>
-<p>
-Return the result of <span class="monospaced">doFinal()</span> to get back the decrypted note.
-</p>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Build and deploy the application to your device/emulator.
-</p>
-</li>
-<li>
-<p>
-Select the <em>Password-Based</em> option and type in some note text.
-</p>
-</li>
-<li>
-<p>
-Click <em>Save</em>, and enter a new password. You should see a message saying the save was successful.
-</p>
-</li>
-<li>
-<p>
-Connect to your device&#8217;s shell and view the saved file:
-</p>
-<div class="listingblock">
-<div class="content">
-<pre><tt>$ adb shell cat /data/data/com.example.android.securenote/files/secure.note
-OlpcR+xyPsaBXtZP2mkZdtxrMGnTnSmqM/r0RzVFJjk=&amp;o0hKRxL3MVw1D1wQFUIV+w==&amp;fOToQqDlEaBhgKlnCsgbgSUckemI/XBp9TPBY+SPTYWiHvICsmBT42miMCz0wui/pAMQ+OaehUAN3DayPKEoWw==</tt></pre>
-</div></div>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">This can only be done on an emulator or rooted device. Production devices have this directory protected!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Looks pretty encrypted! Click <em>Load</em>, and enter the same password. You should see the note text displayed below the entry field.
-</p>
-</li>
-</ol>
-</section>
-
-<!--subslide-->
-<section class="slide slide1">
-<h2>Using a Hardware-Bound RSA Key</h2>
-<p>Now let&#8217;s try this using a private key that is tucked away in a non-exportable block of the hardware. The <span class="monospaced">RSAHardwareEncryptor</span> has four methods you will need to implement:</p>
-<ul>
-<li>
-<span class="monospaced">retrievePublicKey()</span> - Get the public (encryption) key from storage.
-</li>
-<li>
-<span class="monospaced">retrievePrivateKey()</span> - Get the private (decryption) key from the keystore.
-</li>
-<li>
-<span class="monospaced">encryptData()</span> - Take plain text data and write it (encrypted) to a stream.
-</li>
-<li>
-<span class="monospaced">decryptData()</span> - Take encrypted data from a stream and decrypt it.
-</li>
-</ul>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">Hardware-backed key storage is only available on Android 4.3+</td>
-</tr></table>
-</div>
-<p>The hooks for triggering this logic from the user interface are already in place:</p>
-<ol>
-<li>
-<p>
-Read through and take a moment to understand the <span class="monospaced">generatePrivateKey()</span> method.
-</p>
-<ol>
-<li>
-<p>
-This method is responsible for creating the public/private key pair and persisting them both.
-</p>
-</li>
-<li>
-<p>
-The public key is stored to <span class="monospaced">SharedPreferences</span>.
-</p>
-</li>
-<li>
-<p>
-The private key is bound to the hardware keystore. It can be referenced later by its <em>alias</em> (<span class="monospaced">KEY_ALIAS</span> in this case).
-</p>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">retrievePublicKey()</span> to create the encryption key:
-</p>
-<ol>
-<li>
-<p>
-Retrieve the encoded key string from <span class="monospaced">SharedPreferences</span>.
-</p>
-</li>
-<li>
-<p>
-Decode the string with <span class="monospaced">Base64.decode()</span> into raw bytes.
-</p>
-</li>
-<li>
-<p>
-Use a <span class="monospaced">KeyFactory</span> to return a <span class="monospaced">PublicKey</span> objeect from the bytes:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="n">KeyFactory</span><span class="o">.</span><span class="na">getInstance</span><span class="o">(</span><span class="n">KEY_ALGORITHM</span><span class="o">)</span>
-                <span class="o">.</span><span class="na">generatePublic</span><span class="o">(</span><span class="k">new</span> <span class="n">X509EncodedKeySpec</span><span class="o">(</span><span class="n">publicKey</span><span class="o">));</span>
-</pre></div></div></div>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">retrievePrivateKey()</span> to get the decryption key from hardware:
-</p>
-<ol>
-<li>
-<p>
-Get a <span class="monospaced">KeyStore</span> instance of the "AndroidKeyStore".
-</p>
-</li>
-<li>
-<p>
-Load the <span class="monospaced">KeyStore</span> with <span class="monospaced">null</span> as the <span class="monospaced">InputStream</span> parameter to initialize it.
-</p>
-</li>
-<li>
-<p>
-Get the <span class="monospaced">KeyStore.Entry</span> associated with our <span class="monospaced">KEY_ALIAS</span> from the <span class="monospaced">KeyStore</span>.
-</p>
-</li>
-<li>
-<p>
-Return the <span class="monospaced">PrivateKey</span> from the entry with <span class="monospaced">getPrivateKey()</span>:
-</p>
-<div class="listingblock">
-<div class="content"><div class="highlight"><pre><span></span><span class="k">return</span> <span class="o">((</span><span class="n">KeyStore</span><span class="o">.</span><span class="na">PrivateKeyEntry</span><span class="o">)</span> <span class="n">entry</span><span class="o">).</span><span class="na">getPrivateKey</span><span class="o">();</span>
-</pre></div></div></div>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">encryptData()</span> to write incoming data to a stream:
-</p>
-<ol>
-<li>
-<p>
-Retrieve an instance of the <em>public</em> key.
-</p>
-</li>
-<li>
-<p>
-Initialize a new cipher in encrypt mode with the "RSA/ECB/PKCS1Padding" algorithm.
-</p>
-</li>
-<li>
-<p>
-Wrap the supplied <span class="monospaced">OutputStream</span> in a <span class="monospaced">Base64OutputStream</span> to encode all characters before file writing.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">Add the <span class="monospaced">Base64.NO_WRAP</span> flag to the stream to avoid reading conflicts.</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Wrap the encoding stream from the previous step in a <span class="monospaced">CipherOutputStream</span> to apply our cipher to all bytes written.
-</p>
-</li>
-<li>
-<p>
-Write the incoming data to our wrapped <span class="monospaced">OutputStream</span>, <span class="monospaced">flush()</span> and <span class="monospaced">close()</span>.
-</p>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Implement <span class="monospaced">decryptData()</span> to reverse the process:
-</p>
-<ol>
-<li>
-<p>
-Retrieve an instance of the <em>private</em> key.
-</p>
-</li>
-<li>
-<p>
-Initialize a new cipher in decrypt mode with the key and the same RSA algorithm.
-</p>
-</li>
-<li>
-<p>
-Wrap the provided <span class="monospaced">InputStream</span> in a <span class="monospaced">Base64InputStream</span> to decode the file bytes.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon note">
-</td>
-<td class="content">Don&#8217;t forget the <span class="monospaced">Base64.NO_WRAP</span> flag again!</td>
-</tr></table>
-</div>
-</li>
-<li>
-<p>
-Wrap the decoder stream in a <span class="monospaced">CipherInputStream</span> to apply decryption to the incoming data.
-</p>
-</li>
-<li>
-<p>
-Use the supplied <span class="monospaced">readFile()</span> helper to read data from the incoming stream
-</p>
-</li>
-<li>
-<p>
-Return the decoded data as a <span class="monospaced">byte[]</span>.
-</p>
-<div class="admonitionblock">
-<table><tr>
-<td class="icon tip">
-</td>
-<td class="content">You can use <span class="monospaced">getBytes()</span> to return the bytes of a <span class="monospaced">String</span>.</td>
-</tr></table>
-</div>
-</li>
-</ol>
-</li>
-<li>
-<p>
-Run the application again. Type a new secret message to save.
-</p>
-</li>
-<li>
-<p>
-Select the <em>Key-Based</em> option, and click <em>Save</em>.
-</p>
-</li>
-<li>
-<p>
-If the save was successful, you can click <em>Load</em> and see your typed message in the lower box.
-</p>
-</li>
-</ol>
-</section>
-
-<!--slide-->
-<section class="slide slide0">
-<h2 class="section-slide">Review Questions</h2>
-<ol>
-<li>
-<p>
-Name three of the primary APIs for persisting data in Android.
-</p>
-</li>
-<li>
-<p>
-Why is it a bad idea hard-code secret keys in your application code?
-</p>
-</li>
-<li>
-<p>
-What is the preferred method of generating a unique ID for your application user?
-</p>
-</li>
-<li>
-<p>
-what is the one type of persisted data that cannot be (directly) encrypted?
-</p>
-</li>
-<li>
-<p>
-What is the name of the package that provides encryption for SQLite?
-</p>
-</li>
-<li>
-<p>
-What is the primary advantage of the accounts framework?
-</p>
-</li>
-<li>
-<p>
-Is password-based encryption symmetric or asymmetric? What does that mean?
-</p>
-</li>
-<li>
-<p>
-What is the difference between the system KeyChain and the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-When is it safe to persist an encryption key in the system KeyStore?
-</p>
-</li>
-<li>
-<p>
-How do we check if the device supports this?
-</p>
-</li>
-</ol>
-<p></p>
-<!--footer: Added this to close the final slide section-->
-</section>
-    <!-- deck.status snippet -->
-    <p class="deck-status" aria-role="status">
-      <span class="deck-status-current"></span>
-      /
-      <span class="deck-status-total"></span>
-    </p>
-
-    <!-- deck.goto snippet -->
-    <form action="." method="get" class="goto-form">
-      <label for="goto-slide">Go to slide:</label>
-      <input type="text" name="slidenum" id="goto-slide" list="goto-datalist">
-      <datalist id="goto-datalist"></datalist>
-      <input type="submit" value="Go">
-    </form>
-
-
-    <div class="deck-toc"></div>
-<script>
-        $(function() {
-                $.deck('.slide');
-        });
-</script>
-
-</body>
-</html>
diff --git a/README.asciidoc b/README.asciidoc
index d4ece7d..a851be0 100644
--- a/README.asciidoc
+++ b/README.asciidoc
@@ -1,5 +1,5 @@
 = Storage Encryption
 
-This project was created to support various http://thenewcircle.com/training/android/[NewCircle Android Training] courses.
+This project was created to support https://www.protechtraining.com/android-security-pt15256[Protech Android Security Training] course
 
-This application is intended to demonstrate the use of Java cryptography to encrypt data in Android.
+This application is intended to demonstrate the use of Android cryptography to encrypt data in Android.
diff --git a/app/build.gradle b/app/build.gradle
index bbfcdea..96fdd87 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,12 +1,13 @@
 apply plugin: 'com.android.application'
+apply plugin: 'kotlin-android'
 
 android {
-    compileSdkVersion 29
+    compileSdkVersion 31
 
     defaultConfig {
         applicationId "com.example.android.securenote"
-        minSdkVersion 19
-        targetSdkVersion 29
+        minSdkVersion 23
+        targetSdkVersion 31
     }
 
     buildTypes {
@@ -15,8 +16,21 @@ android {
             proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
         }
     }
-}
 
+    buildFeatures {
+        viewBinding true
+    }
+
+    packagingOptions {
+        exclude 'META-INF/atomicfu.kotlin_module'
+    }
+}
+repositories {
+    mavenCentral()
+}
 dependencies {
-    implementation 'androidx.appcompat:appcompat:1.1.0'
+    implementation 'androidx.appcompat:appcompat:1.3.0'
+    implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-core:1.5.1-native-mt'
+    implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.5.1-native-mt'
+    implementation 'androidx.security:security-crypto:1.1.0-alpha03'
 }
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
deleted file mode 100644
index 1c4d23a..0000000
--- a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.java
+++ /dev/null
@@ -1,152 +0,0 @@
-
-package com.example.android.securenote;
-
-import android.app.Activity;
-import android.os.Bundle;
-import android.text.Editable;
-import android.text.TextWatcher;
-import android.util.Log;
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.View.OnClickListener;
-import android.view.ViewGroup;
-import android.widget.Button;
-import android.widget.EditText;
-
-import androidx.fragment.app.DialogFragment;
-
-public class GetPasswordDialog extends DialogFragment implements
-        OnClickListener, TextWatcher {
-    private static final String TAG = GetPasswordDialog.class.getSimpleName();
-
-    private static final String VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword";
-    private static final String MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength";
-    private static final String REQUEST_PARAM = "requestType";
-
-    public static GetPasswordDialog newInstance(int requestType,
-                                                int minPasswordLength,
-                                                boolean verifyPassword) {
-        GetPasswordDialog dialog = new GetPasswordDialog();
-        Bundle args = new Bundle();
-        args.putBoolean(VERIFY_PASSWORD_REQUEST_PARAM, verifyPassword);
-        args.putInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, minPasswordLength);
-        args.putInt(REQUEST_PARAM, requestType);
-        dialog.setArguments(args);
-
-        return dialog;
-    }
-
-    public interface OnPasswordListener {
-        void onPasswordValid(int requestType, String password);
-
-        void onPasswordCancel();
-    }
-
-    private EditText password;
-    private EditText passwordVerification;
-    private Button okButton;
-    private int minPasswordLength;
-
-    private OnPasswordListener passwordListener;
-
-    @Override
-    public void onAttach(Activity activity) {
-        super.onAttach(activity);
-        try {
-            passwordListener = (OnPasswordListener) activity;
-        } catch (ClassCastException e) {
-            throw new IllegalArgumentException(
-                    activity.getClass().getSimpleName()
-                            + " should implement OnPasswordListener");
-        }
-    }
-
-    @Override
-    public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
-        getDialog().setTitle(R.string.get_password_label);
-        View content = inflater.inflate(R.layout.get_password, container, false);
-
-        password = content.findViewById(R.id.password_text);
-        passwordVerification = content.findViewById(R.id.password_verification_text);
-        okButton = content.findViewById(R.id.ok_button);
-
-        content.findViewById(R.id.cancel_button).setOnClickListener(this);
-        okButton.setOnClickListener(this);
-
-
-        return content;
-    }
-
-    @Override
-    public void onActivityCreated(Bundle savedInstanceState) {
-        super.onActivityCreated(savedInstanceState);
-        final Bundle args = getArguments();
-
-        boolean verifyPassword = args.getBoolean(VERIFY_PASSWORD_REQUEST_PARAM, true);
-        if (verifyPassword) {
-            okButton.setEnabled(false);
-            minPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0);
-            if (minPasswordLength > 0) {
-                password.setHint(super.getString(R.string.password_hint_min_length,
-                        minPasswordLength));
-            }
-            password.addTextChangedListener(this);
-            passwordVerification.addTextChangedListener(this);
-        } else {
-            passwordVerification.setVisibility(View.GONE);
-        }
-    }
-
-    @Override
-    public void onPause() {
-        super.onPause();
-        password.getText().clear();
-        passwordVerification.getText().clear();
-        Log.d(TAG, "Cleared password fields");
-    }
-
-    public void onClick(View v) {
-        switch (v.getId()) {
-            case R.id.ok_button:
-                final int requestType = getArguments().getInt(REQUEST_PARAM);
-                passwordListener.onPasswordValid(requestType, this.password.getText().toString());
-                break;
-            case R.id.cancel_button:
-                passwordListener.onPasswordCancel();
-                break;
-            default:
-                throw new IllegalArgumentException("Invalid Button");
-        }
-        // the passwords will be cleared during onPause()
-        dismiss();
-    }
-
-    public void afterTextChanged(Editable s) {
-        if (password.length() < minPasswordLength) {
-            Log.d(TAG, "Password too short");
-            okButton.setEnabled(false);
-        } else if (password.length() != passwordVerification.length()) {
-            Log.d(TAG, "Passwords' length differs");
-            okButton.setEnabled(false);
-        } else {
-            for (int i = 0; i < password.getText().length(); i++) {
-                if (password.getText().charAt(i) != passwordVerification.getText()
-                        .charAt(i)) {
-                    Log.d(TAG, "Passwords differ");
-                    okButton.setEnabled(false);
-                    return;
-                }
-            }
-            Log.d(TAG, "Passwords are the same");
-            okButton.setEnabled(true);
-        }
-    }
-
-    public void beforeTextChanged(CharSequence s, int start, int count, int after) {
-        // ignored
-    }
-
-    public void onTextChanged(CharSequence s, int start, int before, int count) {
-        // ignored
-    }
-}
diff --git a/app/src/main/java/com/example/android/securenote/GetPasswordDialog.kt b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.kt
new file mode 100644
index 0000000..f5f8023
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/GetPasswordDialog.kt
@@ -0,0 +1,148 @@
+package com.example.android.securenote
+
+import android.content.Context
+import android.os.Bundle
+import android.text.Editable
+import android.text.TextWatcher
+import android.util.Log
+import android.view.LayoutInflater
+import android.view.View
+import android.view.View.OnClickListener
+import android.view.ViewGroup
+import com.example.android.securenote.databinding.GetPasswordBinding
+
+
+class GetPasswordDialog : androidx.fragment.app.DialogFragment(), OnClickListener, TextWatcher {
+    private var minPasswordLength: Int = 0
+    private var passwordListener: OnPasswordListener? = null
+    private lateinit var getPasswordBinding: GetPasswordBinding
+
+    interface OnPasswordListener {
+        fun onPasswordValid(requestType: Int, password: String)
+
+        fun onPasswordCancel()
+    }
+
+    override fun onAttach(context: Context) {
+        super.onAttach(context)
+        try {
+            passwordListener = context as OnPasswordListener
+        } catch (e: ClassCastException) {
+            throw IllegalArgumentException("Must implement OnPasswordListener")
+        }
+    }
+
+    override fun onCreateView(
+        inflater: LayoutInflater,
+        container: ViewGroup?,
+        savedInstanceState: Bundle?
+    ): View {
+        dialog?.setTitle(R.string.get_password_label)
+        getPasswordBinding = GetPasswordBinding.inflate(layoutInflater)
+
+        getPasswordBinding.cancelButton.setOnClickListener(this)
+        getPasswordBinding.okButton.setOnClickListener(this)
+
+        return getPasswordBinding.root
+    }
+
+    override fun onViewCreated(view: View, savedInstanceState: Bundle?) {
+        super.onViewCreated(view, savedInstanceState)
+        val args = arguments ?: return
+
+        val verifyPassword = args.getBoolean(VERIFY_PASSWORD_REQUEST_PARAM, true)
+        if (verifyPassword) {
+            getPasswordBinding.okButton.isEnabled = false
+            minPasswordLength = args.getInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, 0)
+            if (minPasswordLength > 0) {
+                getPasswordBinding.passwordText.hint = super.getString(
+                    R.string.password_hint_min_length,
+                    minPasswordLength
+                )
+            }
+            getPasswordBinding.passwordText.addTextChangedListener(this)
+            getPasswordBinding.passwordVerificationText.addTextChangedListener(this)
+        } else {
+            getPasswordBinding.passwordVerificationText.visibility = View.GONE
+        }
+    }
+
+    override fun onPause() {
+        super.onPause()
+        getPasswordBinding.passwordText.text.clear()
+        getPasswordBinding.passwordVerificationText.text.clear()
+        Log.d(TAG, "Cleared password fields")
+    }
+
+    override fun onClick(v: View) {
+        when (v.id) {
+            R.id.ok_button -> {
+                val requestType = requireArguments().getInt(REQUEST_PARAM)
+                val password = getPasswordBinding.passwordText.text.toString()
+                passwordListener!!.onPasswordValid(requestType, password)
+            }
+            R.id.cancel_button -> passwordListener!!.onPasswordCancel()
+            else -> throw IllegalArgumentException("Invalid Button")
+        }
+        // the passwords will be cleared during onPause()
+        dismiss()
+    }
+
+    override fun afterTextChanged(s: Editable) {
+        when {
+            getPasswordBinding.passwordText.length() < minPasswordLength -> {
+                Log.d(TAG, "Password too short")
+                getPasswordBinding.okButton.isEnabled = false
+            }
+            getPasswordBinding.passwordText.length() !=
+                    getPasswordBinding.passwordVerificationText.length() -> {
+                Log.d(TAG, "Passwords' length differs")
+                getPasswordBinding.okButton.isEnabled = false
+            }
+            else -> {
+                for (i in getPasswordBinding.passwordText.text.indices) {
+                    if (getPasswordBinding.passwordText.text[i] !=
+                        getPasswordBinding.passwordVerificationText.text[i]
+                    ) {
+                        Log.d(TAG, "Passwords differ")
+                        getPasswordBinding.okButton.isEnabled = false
+                        return
+                    }
+                }
+                Log.d(TAG, "Passwords are the same")
+                getPasswordBinding.okButton.isEnabled = true
+            }
+        }
+    }
+
+    override fun beforeTextChanged(s: CharSequence, start: Int, count: Int, after: Int) {
+        // ignored
+    }
+
+    override fun onTextChanged(s: CharSequence, start: Int, before: Int, count: Int) {
+        // ignored
+    }
+
+    companion object {
+        private val TAG = GetPasswordDialog::class.java.simpleName
+
+        const val VERIFY_PASSWORD_REQUEST_PARAM = "verifyPassword"
+        const val MIN_PASSWORD_LENGTH_REQUEST_PARAM = "minPasswordLength"
+        const val REQUEST_PARAM = "requestType"
+
+        fun newInstance(
+            requestType: Int,
+            minPasswordLength: Int,
+            verifyPassword: Boolean
+        ): GetPasswordDialog {
+            val dialog = GetPasswordDialog()
+            val args = Bundle()
+            args.putBoolean(VERIFY_PASSWORD_REQUEST_PARAM, verifyPassword)
+            args.putInt(MIN_PASSWORD_LENGTH_REQUEST_PARAM, minPasswordLength)
+            args.putInt(REQUEST_PARAM, requestType)
+            dialog.arguments = args
+
+            return dialog
+        }
+    }
+}
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
deleted file mode 100644
index 0c91047..0000000
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.java
+++ /dev/null
@@ -1,260 +0,0 @@
-
-package com.example.android.securenote;
-
-import android.annotation.SuppressLint;
-import android.content.DialogInterface;
-import android.os.AsyncTask;
-import android.os.Bundle;
-import androidx.appcompat.app.AlertDialog;
-import androidx.appcompat.app.AppCompatActivity;
-import android.text.Editable;
-import android.text.TextWatcher;
-import android.util.Log;
-import android.view.Menu;
-import android.view.MenuItem;
-import android.view.View;
-import android.view.View.OnClickListener;
-import android.widget.Button;
-import android.widget.EditText;
-import android.widget.RadioGroup;
-import android.widget.TextView;
-import android.widget.Toast;
-
-import com.example.android.securenote.crypto.PasswordEncryptor;
-import com.example.android.securenote.crypto.RSAHardwareEncryptor;
-
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class SecureNoteActivity extends AppCompatActivity implements
-        OnClickListener, TextWatcher, GetPasswordDialog.OnPasswordListener {
-    private static final String TAG = SecureNoteActivity.class.getSimpleName();
-
-    private static final String FILENAME = "secure.note";
-
-    /* Password Activity Actions */
-    private static final int GET_PASSWORD_FOR_LOAD = 1;
-    private static final int GET_PASSWORD_FOR_SAVE = 2;
-
-    private EditText noteText;
-    private TextView resultText;
-    private RadioGroup encryptionSelect;
-    private Button saveButton;
-
-    private PasswordEncryptor passwordEncryptor;
-    private RSAHardwareEncryptor hardwareEncryptor;
-
-    @Override
-    public void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-        setContentView(R.layout.secure_note);
-
-        noteText = findViewById(R.id.note_text);
-        resultText = findViewById(R.id.text_result);
-        encryptionSelect = findViewById(R.id.type_select);
-        saveButton = findViewById(R.id.save_button);
-
-        findViewById(R.id.load_button).setOnClickListener(this);
-        saveButton.setOnClickListener(this);
-        noteText.addTextChangedListener(this);
-        noteText.setText(null);
-
-        passwordEncryptor = new PasswordEncryptor();
-        hardwareEncryptor = new RSAHardwareEncryptor(this);
-    }
-
-    @Override
-    public boolean onCreateOptionsMenu(Menu menu) {
-        getMenuInflater().inflate(R.menu.secure_note, menu);
-        return true;
-    }
-
-    @Override
-    public boolean onPrepareOptionsMenu(Menu menu) {
-        menu.findItem(R.id.delete_button)
-                .setEnabled(this.isSecureNoteFilePresent());
-        return true;
-    }
-
-    @Override
-    public boolean onOptionsItemSelected(MenuItem item) {
-        switch (item.getItemId()) {
-            case R.id.delete_button:
-                new AlertDialog.Builder(this)
-                        .setMessage(R.string.delete_alert)
-                        .setCancelable(false)
-                        .setPositiveButton(android.R.string.yes,
-                                new DialogInterface.OnClickListener() {
-                                    public void onClick(DialogInterface dialog, int id) {
-                                        deleteSecureNote();
-                                    }
-                                })
-                        .setNegativeButton(android.R.string.no, null)
-                        .show();
-                return true;
-            default:
-                return super.onOptionsItemSelected(item);
-        }
-    }
-
-    private void getPassword(int requestCode, boolean verifyPasswords) {
-        Log.d(TAG, "Getting password");
-        GetPasswordDialog dialog = GetPasswordDialog.newInstance(requestCode,
-                6, verifyPasswords);
-        dialog.show(getSupportFragmentManager(),
-                GetPasswordDialog.class.getSimpleName());
-    }
-
-    private boolean isSecureNoteFilePresent() {
-        return getFileStreamPath(FILENAME).exists();
-    }
-
-    @Override
-    public void onPasswordValid(int requestType, String password) {
-        switch (requestType) {
-            case GET_PASSWORD_FOR_LOAD:
-                this.loadSecureNote(password);
-                break;
-            case GET_PASSWORD_FOR_SAVE:
-                this.saveSecureNote(password);
-                break;
-        }
-    }
-
-    @Override
-    public void onPasswordCancel() {
-        Log.d(TAG, "Canceled result. Ignoring.");
-    }
-
-    public void onClick(View v) {
-        int encryptionType = encryptionSelect.getCheckedRadioButtonId();
-        switch (v.getId()) {
-            case R.id.load_button:
-                if (encryptionType == R.id.type_password) {
-                    getPassword(GET_PASSWORD_FOR_LOAD, false);
-                } else {
-                    loadSecureNote(null);
-                }
-                break;
-            case R.id.save_button:
-                if (encryptionType == R.id.type_password) {
-                    getPassword(GET_PASSWORD_FOR_SAVE, true);
-                } else {
-                    saveSecureNote(null);
-                }
-                break;
-            default:
-                throw new IllegalArgumentException("Invalid Button");
-        }
-    }
-
-    @Override
-    protected void onDestroy() {
-        super.onDestroy();
-        noteText.getText().clear();
-    }
-
-    private void deleteSecureNote() {
-        Log.d(TAG, "Deleting note");
-        if (super.getFileStreamPath(FILENAME).delete()) {
-            toast(R.string.deleted_note);
-            Log.d(TAG, "Deleted note");
-        } else {
-            toast(R.string.failed_to_delete);
-            Log.e(TAG, "Failed to delete note");
-        }
-    }
-
-    @SuppressLint("StaticFieldLeak")
-    private void saveSecureNote(final String passkey) {
-        Log.d(TAG, "Saving note");
-        new AsyncTask<String, Void, Boolean>() {
-            @Override
-            protected Boolean doInBackground(String... strings) {
-                try {
-                    OutputStream out = openFileOutput(FILENAME, MODE_PRIVATE);
-                    byte[] noteData = strings[0].getBytes();
-                    if (passkey == null) {
-                        hardwareEncryptor.encryptData(noteData, out);
-                    } else {
-                        passwordEncryptor.encryptData(passkey, noteData, out);
-                    }
-                    Log.d(TAG, "Saved note to " + FILENAME);
-
-                    return true;
-                } catch (Exception e) {
-                    Log.e(TAG, "Failed to save note to " + FILENAME, e);
-                    getFileStreamPath(FILENAME).delete();
-                    return false;
-                }
-            }
-
-            @Override
-            protected void onPostExecute(Boolean result) {
-                if (result) {
-                    noteText.getText().clear();
-                    toast(R.string.saved_note);
-                } else {
-                    toast(R.string.failed_to_save);
-                }
-            }
-
-        }.execute(noteText.getText().toString());
-    }
-
-    @SuppressLint("StaticFieldLeak")
-    private void loadSecureNote(final String passkey) {
-        Log.d(TAG, "Loading note...");
-        new AsyncTask<Void, Void, String>() {
-            @Override
-            protected String doInBackground(Void... params) {
-                try {
-                    InputStream in = openFileInput(FILENAME);
-                    byte[] decrypted;
-                    if (passkey == null) {
-                        decrypted = hardwareEncryptor.decryptData(in);
-                    } else {
-                        decrypted = passwordEncryptor.decryptData(passkey, in);
-                    }
-                    Log.d(TAG, "Loaded note from " + FILENAME);
-                    return new String(decrypted);
-                } catch (Exception e) {
-                    Log.e(TAG, "Failed to load note from " + FILENAME, e);
-                    return null;
-                }
-            }
-
-            @Override
-            protected void onPostExecute(String result) {
-                if (result == null) {
-                    toast(R.string.failed_to_load);
-                } else {
-                    resultText.setText(result);
-                    toast(R.string.loaded_note);
-                }
-            }
-        }.execute();
-    }
-
-    private void toast(int resId) {
-        Toast.makeText(this, resId, Toast.LENGTH_LONG).show();
-    }
-
-    public void afterTextChanged(Editable s) {
-        saveButton.setEnabled(s.length() != 0);
-    }
-
-    @Override
-    public void beforeTextChanged(CharSequence s,
-                                  int start,
-                                  int count,
-                                  int after) {
-    }
-
-    @Override
-    public void onTextChanged(CharSequence s,
-                              int start,
-                              int before,
-                              int count) {
-    }
-}
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
new file mode 100644
index 0000000..7381632
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
@@ -0,0 +1,220 @@
+package com.example.android.securenote
+
+import android.content.Context
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+
+import android.os.Bundle
+import android.text.Editable
+import android.text.TextWatcher
+import android.util.Log
+import android.view.Menu
+import android.view.MenuItem
+import android.view.View
+import android.view.View.OnClickListener
+
+import android.widget.Toast
+import androidx.security.crypto.EncryptedFile
+import androidx.security.crypto.MasterKey
+
+import com.example.android.securenote.crypto.PasswordEncryptor
+import com.example.android.securenote.crypto.RSAHardwareEncryptor
+import com.example.android.securenote.databinding.SecureNoteBinding
+import kotlinx.coroutines.*
+import java.io.File
+
+class SecureNoteActivity : androidx.appcompat.app.AppCompatActivity(), OnClickListener, TextWatcher,
+    GetPasswordDialog.OnPasswordListener {
+    private lateinit var hardwareEncryptor: RSAHardwareEncryptor
+
+    private val isSecureNoteFilePresent: Boolean get() = getFileStreamPath(FILENAME).exists()
+    private lateinit var secureNoteBinding: SecureNoteBinding
+
+    public override fun onCreate(savedInstanceState: Bundle?) {
+        super.onCreate(savedInstanceState)
+
+        secureNoteBinding = SecureNoteBinding.inflate(layoutInflater)
+        setContentView(secureNoteBinding.root)
+
+        secureNoteBinding.loadButton.setOnClickListener(this)
+        secureNoteBinding.saveButton.setOnClickListener(this)
+        secureNoteBinding.noteText.addTextChangedListener(this)
+        secureNoteBinding.noteText.text = null
+
+        hardwareEncryptor = RSAHardwareEncryptor(this)
+    }
+
+    override fun onCreateOptionsMenu(menu: Menu): Boolean {
+        menuInflater.inflate(R.menu.secure_note, menu)
+        return true
+    }
+
+    override fun onPrepareOptionsMenu(menu: Menu): Boolean {
+        menu.findItem(R.id.delete_button).isEnabled = this.isSecureNoteFilePresent
+        return true
+    }
+
+    override fun onOptionsItemSelected(item: MenuItem): Boolean {
+        return when (item.itemId) {
+            R.id.delete_button -> {
+                androidx.appcompat.app.AlertDialog.Builder(this)
+                    .setMessage(R.string.delete_alert)
+                    .setCancelable(false)
+                    .setPositiveButton(
+                        R.string.yes
+                    ) { _, _ -> deleteSecureNote() }
+                    .setNegativeButton(R.string.no, null)
+                    .show()
+                true
+            }
+            else -> super.onOptionsItemSelected(item)
+        }
+    }
+
+    private fun getEncryptedFile(autoDelete: Boolean = false): EncryptedFile {
+        val file = File(filesDir, FILENAME)
+        if (autoDelete && file.exists()) {
+            file.delete()
+        }
+
+        return EncryptedFile.Builder(
+            applicationContext.applicationContext,
+            File(filesDir, FILENAME),
+            MasterKey.Builder(applicationContext)
+                .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+                .build(),
+            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
+        ).build()
+    }
+
+    private fun getPassword(requestCode: Int, verifyPasswords: Boolean) {
+        Log.d(TAG, "Getting password")
+        val dialog = GetPasswordDialog.newInstance(
+            requestCode,
+            6, verifyPasswords
+        )
+        dialog.show(supportFragmentManager, GetPasswordDialog::class.java.simpleName)
+    }
+
+    override fun onPasswordValid(requestType: Int, password: String) {
+        when (requestType) {
+            GET_PASSWORD_FOR_LOAD -> this.loadSecureNote(password)
+            GET_PASSWORD_FOR_SAVE -> this.saveSecureNote(password)
+        }
+    }
+
+    override fun onPasswordCancel() {
+        Log.d(TAG, "Canceled result. Ignoring.")
+    }
+
+    override fun onClick(v: View) {
+        val encryptionType = secureNoteBinding.typeSelect.checkedRadioButtonId
+        when (v.id) {
+            R.id.load_button -> if (encryptionType == R.id.type_password) {
+                getPassword(GET_PASSWORD_FOR_LOAD, false)
+            } else {
+                loadSecureNote(null)
+            }
+            R.id.save_button -> if (encryptionType == R.id.type_password) {
+                getPassword(GET_PASSWORD_FOR_SAVE, true)
+            } else {
+                saveSecureNote(null)
+            }
+            else -> throw IllegalArgumentException("Invalid Button")
+        }
+    }
+
+    override fun onDestroy() {
+        super.onDestroy()
+        secureNoteBinding.noteText.text.clear()
+    }
+
+    private fun deleteSecureNote() {
+        Log.d(TAG, "Deleting note")
+        if (super.getFileStreamPath(FILENAME).delete()) {
+            toast(R.string.deleted_note)
+            Log.d(TAG, "Deleted note")
+        } else {
+            toast(R.string.failed_to_delete)
+            Log.e(TAG, "Failed to delete note")
+        }
+    }
+
+    private fun saveSecureNote(passkey: String?) {
+        Log.d(TAG, "Saving note")
+        val noteData = secureNoteBinding.noteText.text.toString().toByteArray()
+        CoroutineScope(Job()).launch(Dispatchers.IO) {
+            try {
+                if (passkey == null) {
+                    hardwareEncryptor.encryptData(noteData, openFileOutput(FILENAME, Context.MODE_PRIVATE))
+                } else {
+                    PasswordEncryptor.encryptData(passkey, noteData,
+                        getEncryptedFile(true).openFileOutput())
+                }
+                Log.d(TAG, "Saved note to $FILENAME")
+                withContext(Dispatchers.Main) {
+                    secureNoteBinding.noteText.text.clear()
+                    toast(R.string.saved_note)
+                }
+            } catch (e: Exception) {
+                Log.e(TAG, "Failed to save note to $FILENAME", e)
+                getFileStreamPath(FILENAME).delete()
+                withContext(Dispatchers.Main) {
+                    toast(R.string.failed_to_save)
+                }
+            }
+        }
+    }
+
+    private fun loadSecureNote(passkey: String?) {
+        Log.d(TAG, "Loading note...")
+        CoroutineScope(Job()).launch(Dispatchers.IO) {
+            try {
+                val decrypted: ByteArray? =
+                    if (passkey == null) {
+                        hardwareEncryptor.decryptData(openFileInput(FILENAME))
+                    } else {
+                        PasswordEncryptor.decryptData(passkey,
+                            getEncryptedFile().openFileInput())
+                    }
+                if (decrypted == null) {
+                    Log.e(TAG, "Failed to load note from $FILENAME")
+                    toast(R.string.failed_to_load)
+                } else {
+                    Log.d(TAG, "Loaded note from $FILENAME")
+                    withContext(Dispatchers.Main) {
+                        secureNoteBinding.textResult.text = String(decrypted)
+                        toast(R.string.loaded_note)
+                    }
+                }
+            } catch (e: Exception) {
+                Log.e(TAG, "Failed to load note from $FILENAME", e)
+            }
+        }
+    }
+
+    private fun toast(resId: Int) {
+        Toast.makeText(this, resId, Toast.LENGTH_LONG).show()
+    }
+
+    override fun afterTextChanged(s: Editable) {
+        secureNoteBinding.saveButton.isEnabled = s.isNotEmpty()
+    }
+
+    override fun beforeTextChanged(s: CharSequence, start: Int, count: Int, after: Int) {
+    }
+
+    override fun onTextChanged(s: CharSequence, start: Int, before: Int, count: Int) {
+    }
+
+    companion object {
+        private val TAG = SecureNoteActivity::class.java.simpleName
+
+        private const val FILENAME = "secure.note"
+
+        /* Password Activity Actions */
+        private const val GET_PASSWORD_FOR_LOAD = 1
+        private const val GET_PASSWORD_FOR_SAVE = 2
+    }
+}
+
diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
similarity index 50%
rename from app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
rename to app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
index 0ac34f8..e909e72 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.java
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
@@ -1,48 +1,29 @@
-package com.example.android.securenote.crypto;
+package com.example.android.securenote.crypto
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.security.GeneralSecurityException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.InvalidKeySpecException;
+import java.io.IOException
+import java.io.InputStream
+import java.io.InputStreamReader
+import java.io.OutputStream
+import java.security.GeneralSecurityException
+import java.security.NoSuchAlgorithmException
+import java.security.SecureRandom
+import java.security.spec.InvalidKeySpecException
 
-import javax.crypto.SecretKey;
+import javax.crypto.SecretKey
 
-public class PasswordEncryptor {
-
-    private static final String ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding";
-    private static final int KEY_LENGTH = 256;
-    private static final int SALT_LENGTH = KEY_LENGTH / 8;
+object PasswordEncryptor {
+    private const val ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding"
+    private const val KEY_LENGTH = 256
+    private const val SALT_LENGTH = KEY_LENGTH / 8
 
     //Delimiter should be used between components of the ciphertext
     // We chose '&' because is not part of the Base64 character set
-    private static final String DELIMITER = "&";
+    private const val DELIMITER = "&"
 
-    private SecureRandom secureRandom;
+    // Do *not* seed secureRandom! Automatically seeded from system entropy.
+    private val secureRandom: SecureRandom = SecureRandom()
 
-    public PasswordEncryptor() {
-        // Do *not* seed secureRandom! Automatically seeded from system entropy.
-        secureRandom = new SecureRandom();
-    }
 
-    /**
-     * Create a new symmetric key used in both encryption and decryption
-     *
-     * @throws NoSuchAlgorithmException
-     * @throws InvalidKeySpecException
-     */
-    private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws
-            NoSuchAlgorithmException, InvalidKeySpecException {
-        /*
-         * TODO: Encryption Lab:
-         * Generate a new key from the supplied password+salt using AES.
-         * Use KEY_LENGTH for the length of the generated key.
-         */
-        return null;
-    }
 
     /**
      * Return a cipher text blob of encrypted data, Base64 encoded.
@@ -50,8 +31,8 @@ private SecretKey generateSecretKey(char[] passphraseOrPin, byte[] salt) throws
      * @throws GeneralSecurityException
      * @throws IOException
      */
-    public void encryptData(String passphrase, byte[] data, OutputStream out) throws
-            GeneralSecurityException, IOException {
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun encryptData(passphrase: String, data: ByteArray, out: OutputStream) {
         /*
          * TODO: Encryption Lab:
          * Use SecureRandom to generate a new salt, length=SALT_LENGTH
@@ -69,28 +50,46 @@ public void encryptData(String passphrase, byte[] data, OutputStream out) throws
      * @throws GeneralSecurityException
      * @throws IOException
      */
-    public byte[] decryptData(String passphrase, InputStream in) throws
-            GeneralSecurityException, IOException {
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun decryptData(passphrase: String, input: InputStream): ByteArray? {
         /*
          * TODO: Encryption Lab:
          * Parse the ciphertext blob and unpack the stored iv, salt, and encrypted contents.
          * Construct and use a Cipher to decrypt the data.
          * Return the decrypted bytes.
          */
-        return null;
+        return null
+    }
+
+    /**
+     * Create a new symmetric key used in both encryption and decryption
+     *
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     */
+    @Throws(NoSuchAlgorithmException::class, InvalidKeySpecException::class)
+    private fun generateSecretKey(passphraseOrPin: CharArray, salt: ByteArray): SecretKey? {
+        /*
+         * TODO: Encryption Lab:
+         * Generate a new key from the supplied password+salt using AES.
+         * Use KEY_LENGTH for the length of the generated key.
+         */
+        return null
     }
 
     /* Helper method to parse a file stream into memory */
-    private String readFile(InputStream in) throws IOException {
-        InputStreamReader reader = new InputStreamReader(in);
-        StringBuilder sb = new StringBuilder();
+    @Throws(IOException::class)
+    private fun readFile(input: InputStream): String {
+        val reader = InputStreamReader(input)
+        val sb = StringBuilder()
 
-        char[] inputBuffer = new char[2048];
-        int read;
-        while ((read = reader.read(inputBuffer)) != -1) {
-            sb.append(inputBuffer, 0, read);
+        val inputBuffer = CharArray(2048)
+        var read: Int = reader.read(inputBuffer)
+        while (read != -1) {
+            sb.append(inputBuffer, 0, read)
+            read = reader.read(inputBuffer)
         }
 
-        return sb.toString();
+        return sb.toString()
     }
 }
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
deleted file mode 100644
index 23de7cc..0000000
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.java
+++ /dev/null
@@ -1,175 +0,0 @@
-package com.example.android.securenote.crypto;
-
-import android.content.Context;
-import android.content.SharedPreferences;
-import android.security.KeyChain;
-import android.security.KeyPairGeneratorSpec;
-import android.util.Base64;
-import android.util.Base64InputStream;
-import android.util.Base64OutputStream;
-import android.util.Log;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.nio.ByteBuffer;
-import java.security.GeneralSecurityException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.UnrecoverableEntryException;
-import java.security.cert.CertificateException;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Calendar;
-import java.util.Date;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.security.auth.x500.X500Principal;
-
-public class RSAHardwareEncryptor {
-    private static final String TAG =
-            RSAHardwareEncryptor.class.getSimpleName();
-    private static final String PROVIDER_NAME = "AndroidKeyStore";
-    private static final String KEY_ALGORITHM = "RSA";
-    private static final String ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
-
-    //Preferences alias for the public key
-    private static final String KEY_PUBLIC = "publickey";
-    //KeyStore alias for the private key
-    private static final String KEY_ALIAS = "secureKeyAlias";
-
-    //Persistent location where we will save the public key
-    private SharedPreferences publicKeyStore;
-
-    public RSAHardwareEncryptor(Context context) {
-        publicKeyStore = context.getSharedPreferences(
-                "publickey.store", Context.MODE_PRIVATE);
-        try {
-            if (!publicKeyStore.contains(KEY_PUBLIC)) {
-                generatePrivateKey(context);
-                Log.d(TAG, "Generated hardware-bound key");
-            } else {
-                Log.d(TAG, "Hardware key pair already exists");
-            }
-        } catch (Exception e) {
-            throw new RuntimeException("Unable to generate key material.");
-        }
-    }
-
-    /**
-     * Create a self-signed certificate and private key in hardware storage.
-     * Persist the (non-secret) public key into SharedPreferences.
-     *
-     * @throws GeneralSecurityException
-     */
-    private void generatePrivateKey(Context context) throws
-            GeneralSecurityException {
-        Calendar cal = Calendar.getInstance();
-        Date now = cal.getTime();
-        cal.add(Calendar.YEAR, 1);
-        Date end = cal.getTime();
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM, PROVIDER_NAME);
-        kpg.initialize(new KeyPairGeneratorSpec.Builder(context)
-                .setAlias(KEY_ALIAS)
-                .setStartDate(now)
-                .setEndDate(end)
-                .setSerialNumber(BigInteger.valueOf(1))
-                .setSubject(new X500Principal("CN=" + KEY_ALIAS))
-                .build());
-
-        //Generate and bind the private key to hardware
-        KeyPair kp = kpg.generateKeyPair();
-
-        //Persist the public key
-        PublicKey publicKey = kp.getPublic();
-        String encodedKey = Base64.encodeToString(publicKey.getEncoded(), Base64.NO_WRAP);
-        publicKeyStore.edit().putString(KEY_PUBLIC, encodedKey).apply();
-    }
-
-    /**
-     * Return a cipher text blob of encrypted data, Base64 encoded.
-     *
-     * @throws GeneralSecurityException
-     * @throws IOException
-     */
-    public void encryptData(byte[] data, OutputStream out) throws
-            GeneralSecurityException, IOException {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain the public key for encryption
-         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
-         * Wrap the supplied stream in another provides Base64 encoding
-         * Wrap the encoding stream in another that encrypts with cipher
-         * Write the supplied data to the streams.
-         */
-    }
-
-    /**
-     * Return decrypted data from the received cipher text blob.
-     *
-     * @throws GeneralSecurityException
-     * @throws IOException
-     */
-    public byte[] decryptData(InputStream in) throws
-            GeneralSecurityException, IOException {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain the private key for decryption
-         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
-         * Wrap the supplied stream in another parses Base64 encoding
-         * Wrap the encoding stream in another that decrypts with cipher
-         * Read the stream fully and return the decrypted bytes
-         */
-        return null;
-    }
-
-    public Key retrievePublicKey() throws
-            NoSuchAlgorithmException, InvalidKeySpecException {
-        /*
-         * TODO: Encryption Lab:
-         * Get the encoded key from SharedPreferences
-         * Decode the key (from Base64) to raw bytes
-         * Return a public key instance from the bytes using KeyFactory
-         */
-        return null;
-    }
-
-    public Key retrievePrivateKey() throws
-            GeneralSecurityException, IOException {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain an instance of AndroidKeyStore and load it
-         * Get the private key alias and return the key
-         */
-        return null;
-    }
-
-
-    /* Helper method to parse a file stream into memory */
-    private String readFile(InputStream in) throws IOException {
-        InputStreamReader reader = new InputStreamReader(in);
-        StringBuilder sb = new StringBuilder();
-
-        char[] inputBuffer = new char[2048];
-        int read;
-        while ((read = reader.read(inputBuffer)) != -1) {
-            sb.append(inputBuffer, 0, read);
-        }
-
-        return sb.toString();
-    }
-}
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt
new file mode 100644
index 0000000..fb25c65
--- /dev/null
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt
@@ -0,0 +1,170 @@
+package com.example.android.securenote.crypto
+
+import android.content.Context
+import android.content.SharedPreferences
+import android.os.Build
+import android.security.keystore.KeyGenParameterSpec
+import android.security.keystore.KeyProperties
+import android.util.Base64
+import android.util.Log
+import androidx.security.crypto.EncryptedSharedPreferences
+import androidx.security.crypto.MasterKey
+import java.io.IOException
+import java.io.InputStream
+import java.io.InputStreamReader
+import java.io.OutputStream
+import java.math.BigInteger
+import java.security.*
+import java.security.spec.InvalidKeySpecException
+import java.security.spec.RSAKeyGenParameterSpec
+import java.util.*
+import javax.security.auth.x500.X500Principal
+
+
+class RSAHardwareEncryptor(context: Context) {
+    var masterKey = MasterKey.Builder(context)
+        .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+        .build()
+
+    //Persistent location where we will save the public key
+    private val sharedPreferences: SharedPreferences = EncryptedSharedPreferences.create(
+        context,
+        "secret_shared_prefs",
+        masterKey,
+        EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+        EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+    )
+
+    init {
+        try {
+            if (!sharedPreferences.contains(KEY_PUBLIC)) {
+                generatePrivateKey()
+                Log.d(TAG, "Generated hardware-bound key")
+            } else {
+                Log.d(TAG, "Hardware key pair already exists")
+            }
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to generate key material.", e)
+            throw RuntimeException("Unable to generate key material.")
+        }
+    }
+
+    /**
+     * Create a self-signed certificate and private key in hardware storage.
+     * Persist the (non-secret) public key into SharedPreferences.
+     *
+     * @throws GeneralSecurityException
+     */
+    @Throws(GeneralSecurityException::class)
+    private fun generatePrivateKey() {
+        val keyPairGenerator =
+            KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, PROVIDER_NAME)
+        keyPairGenerator.initialize(
+            KeyGenParameterSpec.Builder(
+                KEY_ALIAS,
+                KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
+            )
+                .setAlgorithmParameterSpec(RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4))
+                .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
+                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
+                .setDigests(
+                    KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384,
+                    KeyProperties.DIGEST_SHA512
+                )
+                //.setUserAuthenticationRequired(true) <-- requires fingerprint
+                .build()
+        )
+        val keyPair = keyPairGenerator.generateKeyPair()
+
+        // Persist the public key
+        val publicKey = keyPair.public
+        val encodedKey = Base64.encodeToString(publicKey.encoded, Base64.NO_WRAP)
+        sharedPreferences.edit().putString(KEY_PUBLIC, encodedKey).apply()
+    }
+
+    /**
+     * Return a cipher text blob of encrypted data, Base64 encoded.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun encryptData(data: ByteArray, out: OutputStream) {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain the public key for encryption
+         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
+         * Wrap the supplied stream in another provides Base64 encoding
+         * Wrap the encoding stream in another that encrypts with cipher
+         * Write the supplied data to the streams.
+         */
+    }
+
+    /**
+     * Return decrypted data from the received cipher text blob.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun decryptData(input: InputStream): ByteArray? {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain the private key for decryption
+         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
+         * Wrap the supplied stream in another parses Base64 encoding
+         * Wrap the encoding stream in another that decrypts with cipher
+         * Read the stream fully and return the decrypted bytes
+         */
+        return null
+    }
+
+    @Throws(NoSuchAlgorithmException::class, InvalidKeySpecException::class)
+    fun retrievePublicKey(): Key? {
+        /*
+         * TODO: Encryption Lab:
+         * Get the encoded key from SharedPreferences
+         * Decode the key (from Base64) to raw bytes
+         * Return a public key instance from the bytes using KeyFactory
+         */
+        return null
+    }
+
+    fun retrievePrivateKey(): PrivateKey? {
+        /*
+         * TODO: Encryption Lab:
+         * Obtain an instance of AndroidKeyStore and load it
+         * Get the private key alias and return the key
+         */
+        return null
+    }
+
+    /* Helper method to parse a file stream into memory */
+    @Throws(IOException::class)
+    private fun readFile(input: InputStream): String {
+        val reader = InputStreamReader(input)
+        val sb = StringBuilder()
+
+        val inputBuffer = CharArray(2048)
+        var read: Int = reader.read(inputBuffer)
+        while (read != -1) {
+            sb.append(inputBuffer, 0, read)
+            read = reader.read(inputBuffer)
+        }
+
+        return sb.toString()
+    }
+
+    companion object {
+        private val TAG = RSAHardwareEncryptor::class.java.simpleName
+        private const val PROVIDER_NAME = "AndroidKeyStore"
+        private const val KEY_ALGORITHM = "RSA"
+        private const val ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding"
+
+        //Preferences alias for the public key
+        private const val KEY_PUBLIC = "publickey"
+
+        //KeyStore alias for the private key
+        private const val KEY_ALIAS = "secureKeyAlias"
+    }
+}
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 55aafe3..7c2541e 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -19,4 +19,7 @@
 	<string name="delete_alert">Are you sure you wish to delete?</string>
 	<string name="deleted_note">Deleted your note</string>
 	<string name="failed_to_delete">Failed to delete your note</string>
+	<string name="yes">Yes</string>
+	<string name="no">No</string>
+
 </resources>
diff --git a/build.gradle b/build.gradle
index 05357a1..055e40f 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,18 +1,20 @@
 // Top-level build file where you can add configuration options common to all sub-projects/modules.
 buildscript {
+    ext.kotlin_version = '1.5.21'
     repositories {
         google()
-        jcenter()
+        mavenCentral()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:4.0.1'
+        classpath 'com.android.tools.build:gradle:4.2.2'
+        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
     }
 }
 
 allprojects {
     repositories {
         google()
-        jcenter()
+        mavenCentral()
     }
 }
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 9a6d613..f5bbfbe 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Sat Jul 18 14:52:08 PDT 2020
+#Mon Jul 19 13:41:40 PDT 2021
 distributionBase=GRADLE_USER_HOME
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.7.1-bin.zip
 distributionPath=wrapper/dists
-zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip
+zipStoreBase=GRADLE_USER_HOME

From a9bc2095643081f818e108e37d9f9e4ae305c82e Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Fri, 23 Jul 2021 10:33:02 -0700
Subject: [PATCH 13/14] Update AndroidManifest.xml

---
 app/src/main/AndroidManifest.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 7742338..ac3ad20 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -11,7 +11,8 @@
         tools:ignore="GoogleAppIndexingWarning">
         <activity
             android:name=".SecureNoteActivity"
-            android:label="@string/app_name">
+            android:label="@string/app_name"
+            android:exported="true">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
                 <category android:name="android.intent.category.LAUNCHER" />

From 51947b4a646d53a7be48a638ddbf0f34f6331a8e Mon Sep 17 00:00:00 2001
From: Gil Zhaiek <gilzhaiek@gmail.com>
Date: Fri, 23 Jul 2021 10:37:25 -0700
Subject: [PATCH 14/14] Squashed commit of the following:

commit cc25e40b86118d0191e873df3a202ad9ce07f72b
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Fri Jul 23 10:28:59 2021 -0700

    API-31

commit c4d93d491b6977f90fec10bc54439ff8092f2781
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 21:49:30 2021 -0700

    Update PasswordEncryptor.kt

commit d41cf88459e21cec4b59597bc649c9a85d110c16
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 21:25:03 2021 -0700

    Update RSAHardwareEncryptor.kt

commit d7f76b1e749def9c1e5b822a449c49aca44de40b
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 21:14:08 2021 -0700

    Update RSAHardwareEncryptor.kt

commit c3bae5bea874024ee9b506283288b7a82a5870d0
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 21:00:51 2021 -0700

    Update PasswordEncryptor.kt

commit dc28ff69604f65f0716b1a5d5d9c1c9caf36c112
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:36:39 2021 -0700

    Update RSAHardwareEncryptor.kt

commit 8bac786ed10263b23ed96396af37613a3906f4be
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:33:23 2021 -0700

    Update PasswordEncryptor.kt

commit 1b6fda01c63dddda7f9ea505bb61feed8df35ab4
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:22:02 2021 -0700

    Update PasswordEncryptor.kt

commit 387d1dedd6b949c498417ffc81365ebcac2a401c
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:22:00 2021 -0700

    Update SecureNoteActivity.kt

commit 952798307f5986f2cf8b6c50e3fd4e2a5f9ec2ff
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 20:09:32 2021 -0700

    using keyPairGenerator correctly

commit 9461b83bc8bae5e89474be3b8d69e858e10f3733
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 16:31:21 2021 -0700

    use of EncryptedFile

commit 85c33957a592acaee0db6c8a816cc144328aafbd
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:46:00 2021 -0700

    Update SecureNoteActivity.kt

commit 0b563bb7db9fb0272449be22fbad5b6c52fedd69
Merge: 181878b edad8cc
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:41:05 2021 -0700

    Merge remote-tracking branch 'origin/master-kotlin' into solution-kotlin

commit edad8cc651a239045c29f57d0dd5a7f445473b98
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:40:20 2021 -0700

    Update SecureNoteActivity.kt

commit 181878b310bf01c710d838732ddd40d40d8ef42f
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:39:46 2021 -0700

    reformat and cleanups

commit 4ac0280044172aa78f30d64730efac5c482934c5
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:35:17 2021 -0700

    Update RSAHardwareEncryptor.kt

commit 62c08b7c71265ac34c6d3e8ee170558f841d9bcf
Merge: 8d08d70 55c3e32
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:33:00 2021 -0700

    Merge remote-tracking branch 'origin/master-kotlin' into solution-kotlin

commit 55c3e3205ec2d577d95a9788992143d4419109b0
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jul 19 15:28:09 2021 -0700

    API-30 + Jetpack Security

commit 8d08d70a1c8e1b0c69a895bd0432ecb2623ed4aa
Merge: a45ec4c 21f9059
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Sat Jul 18 15:00:37 2020 -0700

    Merge remote-tracking branch 'origin/master-kotlin' into solution-kotlin

commit 21f90594eead5346b72c9a391826a46fcbad5f63
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Sat Jul 18 15:00:22 2020 -0700

    Android 10 update

commit b5a7fb9ff95527117bc4c8f1269edc55cfff57e9
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Tue Jun 4 13:37:45 2019 -0700

    Update AndroidManifest.xml

commit a45ec4c43c05e2339452fcb10ec3cc3b834ae52f
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Tue Jun 4 13:32:57 2019 -0700

    Update GetPasswordDialog.kt

commit 720455b651d9fbd2f383a2d638ca137f01dd796d
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jun 3 13:48:12 2019 -0700

    kotlin support

commit fdd2041ddc3ec6785f782c670bde277eabcf8fdf
Merge: 6d23138 c3e14b1
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jun 3 13:47:55 2019 -0700

    Merge remote-tracking branch 'origin/master-kotlin' into solution-kotlin

commit 6d23138b071ce1db19f78bd000b13b0582f2b3a0
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jun 3 13:19:16 2019 -0700

    java->kotlin

commit c3e14b10d9cea95dc2b36eadd1db0608d59c84f2
Author: Gil Zhaiek <gilzhaiek@gmail.com>
Date:   Mon Jun 3 13:10:12 2019 -0700

    added kotlin support
---
 app/src/main/AndroidManifest.xml              |   2 +-
 .../android/securenote/SecureNoteActivity.kt  |  16 +--
 .../securenote/crypto/PasswordEncryptor.kt    |  91 +++++++-----
 .../securenote/crypto/RSAHardwareEncryptor.kt | 136 +++++++++---------
 4 files changed, 131 insertions(+), 114 deletions(-)

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 267b0ae..0c37edf 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -19,4 +19,4 @@
             </intent-filter>
         </activity>
     </application>
-</manifest>
\ No newline at end of file
+</manifest>
diff --git a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
index 7381632..22eda54 100644
--- a/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
+++ b/app/src/main/java/com/example/android/securenote/SecureNoteActivity.kt
@@ -170,22 +170,17 @@ class SecureNoteActivity : androidx.appcompat.app.AppCompatActivity(), OnClickLi
         Log.d(TAG, "Loading note...")
         CoroutineScope(Job()).launch(Dispatchers.IO) {
             try {
-                val decrypted: ByteArray? =
+                val decrypted: ByteArray =
                     if (passkey == null) {
                         hardwareEncryptor.decryptData(openFileInput(FILENAME))
                     } else {
                         PasswordEncryptor.decryptData(passkey,
                             getEncryptedFile().openFileInput())
                     }
-                if (decrypted == null) {
-                    Log.e(TAG, "Failed to load note from $FILENAME")
-                    toast(R.string.failed_to_load)
-                } else {
-                    Log.d(TAG, "Loaded note from $FILENAME")
-                    withContext(Dispatchers.Main) {
-                        secureNoteBinding.textResult.text = String(decrypted)
-                        toast(R.string.loaded_note)
-                    }
+                Log.d(TAG, "Loaded note from $FILENAME")
+                withContext(Dispatchers.Main) {
+                    secureNoteBinding.textResult.text = String(decrypted)
+                    toast(R.string.loaded_note)
                 }
             } catch (e: Exception) {
                 Log.e(TAG, "Failed to load note from $FILENAME", e)
@@ -217,4 +212,3 @@ class SecureNoteActivity : androidx.appcompat.app.AppCompatActivity(), OnClickLi
         private const val GET_PASSWORD_FOR_SAVE = 2
     }
 }
-
diff --git a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
index e909e72..0398fcd 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
+++ b/app/src/main/java/com/example/android/securenote/crypto/PasswordEncryptor.kt
@@ -1,5 +1,6 @@
 package com.example.android.securenote.crypto
 
+import android.util.Base64
 import java.io.IOException
 import java.io.InputStream
 import java.io.InputStreamReader
@@ -9,22 +10,22 @@ import java.security.NoSuchAlgorithmException
 import java.security.SecureRandom
 import java.security.spec.InvalidKeySpecException
 
+import javax.crypto.Cipher
 import javax.crypto.SecretKey
+import javax.crypto.SecretKeyFactory
+import javax.crypto.spec.IvParameterSpec
+import javax.crypto.spec.PBEKeySpec
+import javax.crypto.spec.SecretKeySpec
 
 object PasswordEncryptor {
     private const val ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding"
     private const val KEY_LENGTH = 256
     private const val SALT_LENGTH = KEY_LENGTH / 8
-
-    //Delimiter should be used between components of the ciphertext
-    // We chose '&' because is not part of the Base64 character set
     private const val DELIMITER = "&"
 
     // Do *not* seed secureRandom! Automatically seeded from system entropy.
     private val secureRandom: SecureRandom = SecureRandom()
 
-
-
     /**
      * Return a cipher text blob of encrypted data, Base64 encoded.
      *
@@ -33,15 +34,26 @@ object PasswordEncryptor {
      */
     @Throws(GeneralSecurityException::class, IOException::class)
     fun encryptData(passphrase: String, data: ByteArray, out: OutputStream) {
-        /*
-         * TODO: Encryption Lab:
-         * Use SecureRandom to generate a new salt, length=SALT_LENGTH
-         * Use SecureRandom to generate a new iv, length=getBlockSize()
-         * Create and use a cipher to encrypt the incoming data (ENCRYPTION_ALGORITHM is already set).
-         * Pack and write all three (salt,iv,encrypted) as a ciphertext blob to the provided stream.
-         * - Each item should have a DELIMITER between it
-         * Don't forget to Base64 encode everything you write to the file
-         */
+        val cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM)
+
+        val salt = ByteArray(SALT_LENGTH)
+        secureRandom.nextBytes(salt)
+
+        val iv = ByteArray(cipher.blockSize)
+        secureRandom.nextBytes(iv)
+
+        val key = generateSecretKey(passphrase.toCharArray(), salt)
+        cipher.init(Cipher.ENCRYPT_MODE, key, IvParameterSpec(iv))
+
+        //Pack the result in a cipher text blob
+        val encrypted = cipher.doFinal(data)
+        out.write(Base64.encode(salt, Base64.NO_WRAP))
+        out.write(DELIMITER.toByteArray())
+        out.write(Base64.encode(iv, Base64.NO_WRAP))
+        out.write(DELIMITER.toByteArray())
+        out.write(Base64.encode(encrypted, Base64.NO_WRAP))
+        out.flush()
+        out.close()
     }
 
     /**
@@ -51,33 +63,40 @@ object PasswordEncryptor {
      * @throws IOException
      */
     @Throws(GeneralSecurityException::class, IOException::class)
-    fun decryptData(passphrase: String, input: InputStream): ByteArray? {
-        /*
-         * TODO: Encryption Lab:
-         * Parse the ciphertext blob and unpack the stored iv, salt, and encrypted contents.
-         * Construct and use a Cipher to decrypt the data.
-         * Return the decrypted bytes.
-         */
-        return null
+    fun decryptData(passphrase: String, input: InputStream): ByteArray {
+        //Unpack cipherText
+        val cipherText = readFile(input)
+        val fields =
+            cipherText.split(DELIMITER.toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray()
+        if (fields.size != 3) {
+            throw IllegalArgumentException("Not a valid cipher text blob")
+        }
+
+        val salt = Base64.decode(fields[0], Base64.NO_WRAP)
+        val iv = Base64.decode(fields[1], Base64.NO_WRAP)
+        val encrypted = Base64.decode(fields[2], Base64.NO_WRAP)
+
+        val key = generateSecretKey(passphrase.toCharArray(), salt)
+        val cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM)
+
+        cipher.init(Cipher.DECRYPT_MODE, key, IvParameterSpec(iv))
+
+        return cipher.doFinal(encrypted)
     }
 
-    /**
-     * Create a new symmetric key used in both encryption and decryption
-     *
-     * @throws NoSuchAlgorithmException
-     * @throws InvalidKeySpecException
-     */
     @Throws(NoSuchAlgorithmException::class, InvalidKeySpecException::class)
-    private fun generateSecretKey(passphraseOrPin: CharArray, salt: ByteArray): SecretKey? {
-        /*
-         * TODO: Encryption Lab:
-         * Generate a new key from the supplied password+salt using AES.
-         * Use KEY_LENGTH for the length of the generated key.
-         */
-        return null
+    private fun generateSecretKey(passphraseOrPin: CharArray, salt: ByteArray): SecretKey {
+        // Number of PBKDF2 hardening rounds to use. Larger values increase
+        // computation time. You should select a value that causes computation
+        // to take >100ms.
+        val iterations = 1000
+
+        val secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
+        val keySpec = PBEKeySpec(passphraseOrPin, salt, iterations, KEY_LENGTH)
+        val keyBytes = secretKeyFactory.generateSecret(keySpec).encoded
+        return SecretKeySpec(keyBytes, "AES")
     }
 
-    /* Helper method to parse a file stream into memory */
     @Throws(IOException::class)
     private fun readFile(input: InputStream): String {
         val reader = InputStreamReader(input)
diff --git a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt
index fb25c65..58c2230 100644
--- a/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt
+++ b/app/src/main/java/com/example/android/securenote/crypto/RSAHardwareEncryptor.kt
@@ -2,10 +2,11 @@ package com.example.android.securenote.crypto
 
 import android.content.Context
 import android.content.SharedPreferences
-import android.os.Build
 import android.security.keystore.KeyGenParameterSpec
 import android.security.keystore.KeyProperties
 import android.util.Base64
+import android.util.Base64InputStream
+import android.util.Base64OutputStream
 import android.util.Log
 import androidx.security.crypto.EncryptedSharedPreferences
 import androidx.security.crypto.MasterKey
@@ -13,12 +14,13 @@ import java.io.IOException
 import java.io.InputStream
 import java.io.InputStreamReader
 import java.io.OutputStream
-import java.math.BigInteger
 import java.security.*
 import java.security.spec.InvalidKeySpecException
 import java.security.spec.RSAKeyGenParameterSpec
-import java.util.*
-import javax.security.auth.x500.X500Principal
+import java.security.spec.X509EncodedKeySpec
+import javax.crypto.Cipher
+import javax.crypto.CipherInputStream
+import javax.crypto.CipherOutputStream
 
 
 class RSAHardwareEncryptor(context: Context) {
@@ -50,11 +52,72 @@ class RSAHardwareEncryptor(context: Context) {
     }
 
     /**
-     * Create a self-signed certificate and private key in hardware storage.
-     * Persist the (non-secret) public key into SharedPreferences.
+     * Return a cipher text blob of encrypted data, Base64 encoded.
      *
      * @throws GeneralSecurityException
+     * @throws IOException
      */
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun encryptData(data: ByteArray, outputStream: OutputStream) {
+        val key = retrievePublicKey()
+        val cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM)
+        cipher.init(Cipher.ENCRYPT_MODE, key)
+
+        // Encode output to file
+        var out: OutputStream = Base64OutputStream(outputStream, Base64.NO_WRAP)
+
+        // Encrypt output to encoder
+        out = CipherOutputStream(out, cipher)
+
+        try {
+            out.write(data)
+            out.flush()
+        } finally {
+            out.close()
+        }
+    }
+
+    /**
+     * Return decrypted data from the received cipher text blob.
+     *
+     * @throws GeneralSecurityException
+     * @throws IOException
+     */
+    @Throws(GeneralSecurityException::class, IOException::class)
+    fun decryptData(inputStream: InputStream): ByteArray {
+        val privateKey = retrievePrivateKey()
+
+        val cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM)
+        cipher.init(Cipher.DECRYPT_MODE, privateKey)
+
+        //Decode input from file
+        var input: InputStream = Base64InputStream(inputStream, Base64.NO_WRAP)
+        //Decrypt input from decoder
+        input = CipherInputStream(input, cipher)
+
+        return readFile(input).toByteArray(Charsets.UTF_8)
+    }
+
+    @Throws(NoSuchAlgorithmException::class, InvalidKeySpecException::class)
+    fun retrievePublicKey(): Key {
+        val encodedKey = sharedPreferences.getString(KEY_PUBLIC, null)
+            ?: throw RuntimeException("Expected valid public key!")
+
+        val publicKey = Base64.decode(encodedKey, Base64.NO_WRAP)
+        return KeyFactory.getInstance(KEY_ALGORITHM)
+            .generatePublic(X509EncodedKeySpec(publicKey))
+    }
+
+    private fun retrievePrivateKey(): PrivateKey? {
+        val keyStore = KeyStore.getInstance(PROVIDER_NAME).apply {
+            load(null)
+        }
+
+        val entry = keyStore.getEntry(KEY_ALIAS, null) as KeyStore.PrivateKeyEntry
+
+        return entry.privateKey
+    }
+
     @Throws(GeneralSecurityException::class)
     private fun generatePrivateKey() {
         val keyPairGenerator =
@@ -82,64 +145,6 @@ class RSAHardwareEncryptor(context: Context) {
         sharedPreferences.edit().putString(KEY_PUBLIC, encodedKey).apply()
     }
 
-    /**
-     * Return a cipher text blob of encrypted data, Base64 encoded.
-     *
-     * @throws GeneralSecurityException
-     * @throws IOException
-     */
-    @Throws(GeneralSecurityException::class, IOException::class)
-    fun encryptData(data: ByteArray, out: OutputStream) {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain the public key for encryption
-         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
-         * Wrap the supplied stream in another provides Base64 encoding
-         * Wrap the encoding stream in another that encrypts with cipher
-         * Write the supplied data to the streams.
-         */
-    }
-
-    /**
-     * Return decrypted data from the received cipher text blob.
-     *
-     * @throws GeneralSecurityException
-     * @throws IOException
-     */
-    @Throws(GeneralSecurityException::class, IOException::class)
-    fun decryptData(input: InputStream): ByteArray? {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain the private key for decryption
-         * Create and init a Cipher (with ENCRYPTION_ALGORITHM)
-         * Wrap the supplied stream in another parses Base64 encoding
-         * Wrap the encoding stream in another that decrypts with cipher
-         * Read the stream fully and return the decrypted bytes
-         */
-        return null
-    }
-
-    @Throws(NoSuchAlgorithmException::class, InvalidKeySpecException::class)
-    fun retrievePublicKey(): Key? {
-        /*
-         * TODO: Encryption Lab:
-         * Get the encoded key from SharedPreferences
-         * Decode the key (from Base64) to raw bytes
-         * Return a public key instance from the bytes using KeyFactory
-         */
-        return null
-    }
-
-    fun retrievePrivateKey(): PrivateKey? {
-        /*
-         * TODO: Encryption Lab:
-         * Obtain an instance of AndroidKeyStore and load it
-         * Get the private key alias and return the key
-         */
-        return null
-    }
-
-    /* Helper method to parse a file stream into memory */
     @Throws(IOException::class)
     private fun readFile(input: InputStream): String {
         val reader = InputStreamReader(input)
@@ -156,12 +161,11 @@ class RSAHardwareEncryptor(context: Context) {
     }
 
     companion object {
-        private val TAG = RSAHardwareEncryptor::class.java.simpleName
+        private val TAG = "RSAHardwareEncryptor"
         private const val PROVIDER_NAME = "AndroidKeyStore"
         private const val KEY_ALGORITHM = "RSA"
         private const val ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding"
 
-        //Preferences alias for the public key
         private const val KEY_PUBLIC = "publickey"
 
         //KeyStore alias for the private key